Score:-1

SSH access with SSH reverse tunnel

mx flag

I can find a lot tutorials on the web for setting up an reverse SSH tunnel.

  ssh -p2000 -fNC -R 10011:localhost:[email protected]

But how I can become an SSH connection on my local server? I like to set up a connection from proxy(has a public IP) to localhost(which is in my home network) through the SSH reverse tunnel . I need to type from anywhere SSH commands on my localhost.

Thanks for your help Stefan

Michael Hampton avatar
cz flag
It looks like you have already set up the tunnel correctly. What exactly do you need help with?
Stefan avatar
mx flag
On my localhost is only port 80 and 443 open to connect with the internet
Michael Hampton avatar
cz flag
Presumably that is why you have set up the tunnel! So what exactly do you need help with?
Stefan avatar
mx flag
I become this error to day user@user:~$ ssh -f -N -T -R 2210:localhost:22 User@ip User@ip's password: user@user:~$ Warning: remote port forwarding failed for listen port 2210 connect_to locahost: unknown host (Temporary failure in name resolution)
Michael Hampton avatar
cz flag
That's a typo. It's `localhost` not `locahost`.
Stefan avatar
mx flag
i had to reboot both servers and correct the typo. And now it set up the tunnel
Score:0
fm flag

To summarize, you have on host A (proxy.net) with a public IP and host B without a public IP. You want to to enter into an ssh shell on B from A.

This can be done by forwarding a free port of A to the sshd listening port on B.

To achieve this, first if it is not already running start sshd either by entering

sshd

into a shell, or if you have systemd like

systemctl start sshd

After this, set up a reverse tunnel from B to A like this:

ssh -N -R 8890:localhost:22 <a_user>@proxy.net

The port 8890 can be exchanged with any free port on A. The port 22 is the port that the ssh deamon sshd is listening to on B. Most likely it is 22, but it could be a different port. You can find out by running

sudo netstat -lntp

There should be a line with sshd in the Progam Name column. In that line the local address columns should show something like 127.0.0.1:22. The number behind the : is the port your ssh deamon is listening on.

After setting up the remote ssh tunnel, you can ssh into B from A by running

ssh -p 8890 <b_user>@localhost

In this post I have used <a_user> for the user on A and <b_user> as tokens for the user on B.

Score:0
us flag

Without knowing about SSH reverse proxies, are you trying from another machine/the "proxy server" (?) to connect to a local/'private' hostname of 'localhost' that maps to the local/'private' 'loopback' address that resolves to (IPv4) '127.0.0.1' (or 127.x.x.x even) or (IPv6) '::1', when the loopback address 'resolves'/equates to the local machine, and possibly only if you have a "localhost" entry within your (*NIX - UNIX/Linux) '/etc/hosts' or (Windows) 'C:\Windows\System32\drivers\etc\hosts' file.

If so, you'd might need to target the proper 'hostname' that is mapped to a proper 'private' IP address (i.e. the one assigned to the NIC/network card) - if they are both on the same network, otherwise possibly a 'public' IP address - unless NAT (Network Address Translation - private IP to public IP conversion/replacement for outgoing & vice versa for incoming) is in place to handle this for you.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.