@sdntechforum
Last active February 24, 2023 16:36
This document demonstrates SSH remote port forwarding behavior and configuration

SSH Remote Port Forwarding is a method of securely accessing a computer over a network by redirecting traffic from one port to another. It is a type of tunneling that allows users to securely access resources located on a remote machine, such as a web server or database server, from a local machine.

In this method, the remote machine is the host, and the local machine is the client. The host machine will listen for incoming connections on a specific port, and the client machine will forward the traffic from that port to another port on the remote machine, allowing the user to access the remote resources securely.

Here is the testbed for our demonstration: two VMs with an SSH connection between them. No other ports are allowed between these two hosts. The Oracle VM runs the nginx service on non-standard port 3000. The AWS VM listens on port 8080. For our test, the AWS VM requests localhost:8080, and this request is redirected over the SSH tunnel to port 3000 on the Oracle VM, which in turn returns the Oracle Linux Nginx splash page.


To set up remote port forwarding in Linux 8, you can use the ssh command line utility. Here are the steps:

Open a terminal window.

Connect to the remote host using ssh, specifying the remote port forwarding option and the target port. For example:

ssh -R 8080:127.0.0.1:3000 user@remote-host

In this example, port 8080 on the remote host is being forwarded to local port 3000.

Enter the password for the remote user when prompted, or supply an SSH key by adding the -i flag.

Once connected, you can test the remote port forwarding by accessing the target port on the remote host. For example, if you are forwarding port 8080, you can open a web browser and access http://127.0.0.1:8080 to see if the port forwarding is working.

Note: This example assumes that the remote host is configured to allow remote port forwarding. You may need to check the remote host's firewall settings or SSH configuration to ensure that remote port forwarding is allowed. Change the GatewayPorts option to yes.
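
The following is an added example, not part of the original gist: a small Python model of where sshd places the listener for an `ssh -R` request under each `GatewayPorts` value, following the rules in ssh(1) and sshd_config(5). The function name and returned keys are assumptions of this example. With the default `GatewayPorts no` the listener stays on loopback, which is all the localhost:8080 test above needs, while `yes` binds it on every interface of the remote host.

```python
# Added example (not from the original gist): model where sshd places the
# listener for `ssh -R [bind_address:]port:host:hostport`.
# Assumptions: IPv4/hostname specs only (no "[v6]" brackets, no SOCKS
# form "-R port"); loopback is reported as 127.0.0.1 for simplicity.
LOOPBACK = "127.0.0.1"
WILDCARD = "0.0.0.0"


def resolve_remote_forward(spec, gateway_ports="no"):
    """Return listener and target for a -R spec under a GatewayPorts value."""
    parts = spec.split(":")
    if len(parts) == 3:
        bind = None                      # no bind_address given
        port, host, hostport = parts
    elif len(parts) == 4:
        bind, port, host, hostport = parts
    else:
        raise ValueError(f"unsupported -R spec: {spec!r}")
    for p in (port, hostport):
        if not p.isdigit() or int(p) > 65535:
            raise ValueError(f"bad port in -R spec: {p!r}")

    mode = gateway_ports.lower()
    if mode == "no":                     # sshd default: loopback only
        listen = LOOPBACK
    elif mode == "yes":                  # forced onto the wildcard address
        listen = WILDCARD
    elif mode == "clientspecified":      # client's bind_address is honoured
        if bind is None:
            listen = LOOPBACK
        elif bind in ("", "*"):
            listen = WILDCARD
        else:
            listen = bind
    else:
        raise ValueError(f"unknown GatewayPorts value: {gateway_ports!r}")

    return {
        "server_listen": f"{listen}:{port}",          # on the SSH server
        "client_side_target": f"{host}:{hostport}",   # resolved by the SSH client
        "network_reachable": listen not in (LOOPBACK, "localhost", "::1"),
    }


if __name__ == "__main__":
    # Constructed input: the forwarding used in this page's testbed.
    for mode in ("no", "yes", "clientspecified"):
        print(mode, resolve_remote_forward("8080:127.0.0.1:3000", mode))
```
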

Validation from Wireshark capture

  • Regular SSH transaction without remote port forwarding shown below

First a 3-way TCP handshake happens, then the server and client exchange keys. From here onwards, data is exchanged via keystrokes and the output is presented on screen. Finally, the TCP session is closed by setting the "FIN" flag.


  • SSH transaction with remote port forwarding shown below -

a. Capture at AWS VM - loopback interface

https://127.0.0.1:8080

redirects to the Oracle VM port 3000 over SSH, with remote port forwarding enabled on the Oracle VM side.

b. Capture at Oracle VM - physical interface - First a 3-way TCP handshake happens, then the server and client exchange keys. From here onwards, data is exchanged via keystrokes and the output is presented on screen. Finally, the TCP session is closed by setting the "FIN" flag.
