If you need to SSH to a host but don’t have direct SSH access, you can perform a reverse SSH tunnel. For this you need a host that will except inbound connections to work as a “jump host”, it is possible without it, where you could SSH back to your client computer; however for the purposes of this example the setup is as follows:<\/p>\n\n\n\n
1. TARGETSRV – Target host you want to connect to, you will start the SSH reverse tunnel from here.<\/p>\n\n\n\n
2. JUMPHOST – The host you’ll be connecting the reverse tunnel to from the TARGETSRV.<\/p>\n\n\n\n
3. CLIENT – Your client computer that you’ll be SSHing from to the JUMPHOST.<\/p>\n\n\n\n
The first step is to start the SSH reverse tunnel from the TARGETSRV. Here we are creating a tunnel from port 22 on the TARGETSRV to port 19999 on the JUMPHOST over port 22 SSH.<\/p>\n\n\n\n
# ssh -p 22 -R 19999:localhost:22 JUMPHOST -l <user><\/code><\/pre>\n\n\n\nNow SSH to the JUMPHOST from CLIENT and run the following command:<\/p>\n\n\n\n
ssh -p 19999 127.0.0.1 -l <user><\/code><\/pre>\n\n\n\nNow you will have connected to the TARGETSRV down the reverse tunnel.Especially useful if your target host is behind a firewall where direct access is not possible.<\/p>\n","protected":false},"excerpt":{"rendered":"
If you need to SSH to a host but don’t have direct SSH access, you can perform a reverse SSH tunnel. For this you need a host that will except inbound connections to work as a “jump host”, it is possible without it, where you could SSH back to your client computer; however for the … Read more<\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,22],"tags":[],"class_list":["post-745","post","type-post","status-publish","format-standard","hentry","category-linux","category-security"],"_links":{"self":[{"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/745","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=745"}],"version-history":[{"count":1,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/745\/revisions"}],"predecessor-version":[{"id":1390,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/745\/revisions\/1390"}],"wp:attachment":[{"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=745"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=745"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/geekmungus.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=745"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}