SSH Tunneling

Classic Tunnel

You want to map a remote port locally,

ssh -L localport:localhost:remoteport remotehost

You want to map a port that is available on the remote network locally,

ssh -L localport:internalhost:remoteport remotebounce

Reverse Tunnel

You want to map a local port to a remote host,

ssh -R remoteport:localhost:localport remotehost

You want to map a port that is available on your network to a remote host,

ssh -R remoteport:somepeer:localport remotehost

Whatever Forward Proxy

You want a SOCKS4 or SOCKS5 forward proxy on your local system,

ssh -D LOCALPORT remotehost

You want the same but actually providing the forwarding service to others on your internal network,

ssh -D BIND-TO-IP:PORT remotehost

or just on any network interface,

ssh -D *:PORT remotehost

Finally, if you want to bring this up at startup,

vi /etc/rc.local

#goes into bg
#ssh -fN -D *:PORT remote
su - USER -c "sleep 10; ssh -fN -D *:PORT remote" &

Ref. https://gist.github.com/scy/6781836

And if you need a watchdog,

#!/bin/bash
tmp=`ps aux | grep ^USER | grep 'ssh -fN -D'`
[[ -z $tmp ]] && echo RESTARTING SOCKS \
    && su - USER -c "sleep 10; ssh -fN -D *:PORT remote" &

Last update: 2018-08-28 | home | html | css