Need to skirt around that pesky corporate firewall?
Or host a service while NATed?
What you need is a reverse SSH tunnel and you will be well on your way to confusing your friends trying to tell them what you've done.
N.B Visit www.campusflava.com for other updates
Or host a service while NATed?
What you need is a reverse SSH tunnel and you will be well on your way to confusing your friends trying to tell them what you've done.
N.B Visit www.campusflava.com for other updates
- 1Server: apt-get install openssh-server
- 2Server: ssh-keygen
- 3Client: apt-get install openssh-client
- 4Client: ssh-keygen
- 5Client: ssh-copy-id user@server
- 6Server: Edit /etc/ssh/sshd_config as root.
- Change '#PasswordAuthentication yes' to 'PasswordAuthentication no'.
- Add 'GatewayPorts clientspecified' to the end of the file.
- 7Client: Now we create the reverse tunnel with
ssh -R 10.0.0.111:5555:127.0.0.1:4444 user@10.0.0.111- -R makes the tunnel reversed
- 10.0.0.1 is the ip address of the interface on your server that is facing the Internet
- 5555 is the servers port to listen on.
- 4444 is the port to forward to on your client.
- 8Now you can open ports on the server to the Internet and forward them through your tunnel to your client.
- Use -nNR when creating the tunnel if you don't need a shell.
- You can change the computer that the port is forwarded to by
changing the local loop-back address (127.0.0.1) to the ip address of
that computer. So, 10.0.0.111:5555:192.168.0.2:4444 would forward port
5555 on 10.0.0.111 to port 4444 on 192.168.0.2
Warnings
- Keep the id_rsa file created by ssh-keygen safe! This is you private key! Give it to no one! id_rsa.pub however, you can give out to anyone.
- Two computers: One that you will be forwarding ports to and the other that you can open to the Internet.
- These instructions assume both systems are running Ubuntu or a similar distro.
- Basic knowledge of the command line might help.
No comments:
Post a Comment