@m-2k
Created September 28, 2017 21:13
Reverse SSH tunneling with iptables config for local SMTP development

Set up NAT routing (server)

  • Redirect incoming TCP port 25 to port 2525 on the ens3 interface
iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 25 -j REDIRECT --to-port 2525
  • Show the nat table: sudo iptables -t nat -L -n -v
  • Dump the rules: sudo iptables-save (this only prints them; redirect the output to the file your distribution restores at boot if the rule should survive a reboot)

Set up the SSH server (server)

Note that if you use the OpenSSH sshd server, its GatewayPorts option needs to be enabled (set to yes or clientspecified) for this to work; check /etc/ssh/sshd_config on the server.

echo "GatewayPorts clientspecified" >> /etc/ssh/sshd_config
service ssh restart
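Two checks for the server-side steps above (iptables REDIRECT and GatewayPorts), added here as an example and not part of the gist. They assume sshd_config uses the whitespace-separated `Keyword value` form and that the rules file is in iptables-save format; the sample inputs in the comments are constructed.

```shell
# Print the effective global value of an sshd_config keyword.
# sshd uses the FIRST uncommented match and ignores later ones, so a line
# appended with `>>` (as in the step above) does nothing if the keyword is
# already set earlier in the file. Options inside a Match block are
# conditional, so parsing stops at the first Match line.
effective_sshd_option() {
    config_file=$1
    keyword=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    awk -v key="$keyword" '
        /^[[:space:]]*(#|$)/ { next }          # skip comments and blank lines
        tolower($1) == "match" { exit }        # end of the global scope
        tolower($1) == key { print $2; exit }  # first match wins
    ' "$config_file"
}

# Return 0 if the effective GatewayPorts value lets a client bind remote
# forwards on non-loopback addresses (required for `ssh -R :2525:...`).
# Note that yes/clientspecified applies to every account that can log in
# to this sshd, not only to the tunnel user.
gateway_ports_enabled() {
    case "$(effective_sshd_option "$1" GatewayPorts | tr '[:upper:]' '[:lower:]')" in
        yes|clientspecified) return 0 ;;
        *) return 1 ;;
    esac
}

# Return 0 if a rules file in iptables-save format ($1) contains the
# PREROUTING REDIRECT from port $3 to port $4 on interface $2.
# iptables-save writes the rule from the step above as (constructed sample):
#   -A PREROUTING -i ens3 -p tcp -m tcp --dport 25 -j REDIRECT --to-ports 2525
has_redirect_rule() {
    grep -Eq -- "^-A PREROUTING .*-i $2 .*--dport $3 .*-j REDIRECT --to-ports $4\$" "$1"
}
```

Run them against the real files with `gateway_ports_enabled /etc/ssh/sshd_config` and `iptables-save > rules.txt; has_redirect_rule rules.txt ens3 25 2525`; each returns a non-zero status when the setting is not in effect.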

[OPTIONAL] Set up key-based SSH login without password auth (local)

  • Generate a key pair; if ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub already exist, use them
ssh-keygen -t rsa -b 16384
ssh-copy-id [-p 22] user@server

[OPTIONAL] Set up an SSH alias for the connection (local)

  • Edit the SSH client config (nano ~/.ssh/config):
Host *
  ServerAliveInterval 60
  # UseKeychain is only understood by Apple's OpenSSH; other builds reject it as an unknown option
  UseKeychain yes

Host HostAliasName
  Hostname 123.123.123.123
  Port 22
  User username
  Compression yes
  PasswordAuthentication no

Create SSH tunnel (local)

  • Run with an empty bind_address so the server listens on all interfaces: ssh -R :2525:localhost:2525 -N HostAliasName

Enjoy!

$ telnet fuck.xyz 25
Trying 123.123.123.123...
Connected to fuck.xyz.
Escape character is '^]'.
220 Come to daddy