{"id":85,"date":"2009-02-28T11:10:52","date_gmt":"2009-02-28T18:10:52","guid":{"rendered":"http:\/\/www.zulutown.com\/blog\/?p=85"},"modified":"2009-02-28T11:16:57","modified_gmt":"2009-02-28T18:16:57","slug":"ssh-tunnelling-to-remote-servers-and-with-local-address-binding","status":"publish","type":"post","link":"https:\/\/www.zulutown.com\/blog\/2009\/02\/28\/ssh-tunnelling-to-remote-servers-and-with-local-address-binding\/","title":{"rendered":"SSH Tunnelling to Remote Servers, and with Local Address Binding"},"content":{"rendered":"

It’s often required to open different kind of connections to a server where there is available just a SSH account (or where only the port 22<\/code> is open).
\nUsing ssh tunneling<\/em> it’s easy to to access any port on the server, or even to connect to any other servers reachable from the server where the SSH account is available.<\/p>\n

To access directly (i.e. with MySQL Query Browser) a MySQL service on the remote server, where the access to the port 3306<\/code> is denied, the trick is to open a SSH tunnel to the remote server, mapping an arbitrary local port the the remote port 3306<\/code>. In the following example the local port 5306<\/code> is used:<\/p>\n

ssh -L 5306:remoteserver.com:3306 remoteuser@remoteserver.com<\/pre>\n
In this case, the local port 5306<\/code> is forwarded (with ssh tunnelling) to remoteserver.com<\/code>, that attaches the tunnel on its port 3306<\/code>.
\nWhen the tunnel is open, it’s only required to setup MySQL Query Browser to connect on localhost:5306<\/code> and the connection will be magically forwarded to the remote server on its port 3306<\/code>.<\/p>\n
\"Simple
Simple ssh tunnelling of a MySQL Connection<\/p><\/div>\n
It’s even possible to set the remote side of the tunnel to be mapped not on the remote server itself, but on a different host<\/em>.
\nFor example, if the local computer is not allowed to access IRC servers, an idea could be to use a remote server where a SSH account is available to tunnel the IRC connections.<\/p>\n
Here is an example:<\/p>\n
ssh -L 8666:ircserver.org:6666 remoteuser@remoteserver.com<\/pre>\n
In this case the local port 8666<\/code> is mapped on the port 6666<\/code> of the IRC server ircserver.org<\/code>, so the local IRC client (i.e. mIRC) should be simply setup to connect on localhost<\/code> on the port 8666<\/code>.<\/p>\n
\"SSH
SSH Tunnelling to a Different Remote Host<\/p><\/div>\n
Finally, other people in the local network might desire to use the tunnel to the remote server (in this example it’s a IRC server). If the client that opened the SSH tunnel has the IP address 192.168.1.1<\/code>, the other clients on the local network should connect to 192.168.1.1:8666<\/code> to reach the remote ircserver.org on the port 6666.<\/p>\n
In this last case, it’s important to make sure that the tunnel binds to the correct local IP address.
\nIf the local client has 2 addresses: 127.0.0.1<\/code> and 192.168.1.1<\/code>, it’s useful to open the tunnel binding it on 192.168.1.1<\/code>. In this way other clients on the LAN can use the tunnel. This is the syntax:<\/p>\n
ssh -L 192.168.1.1:8666:ircserver.org:6666 remoteuser@remoteserver.com<\/pre>\n
\"SSH
SSH Tunnelling with Local Address Binding<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"
It’s often required to open different kind of connections to a server where there is available just a SSH account (or where only the port 22 is open). Using ssh tunneling it’s easy to to access any port on the … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[61,27],"tags":[55,56,60,57,170,58,32,30,59,54,53],"class_list":["post-85","post","type-post","status-publish","format-standard","hentry","category-networking","category-system-administration","tag-binding","tag-irc","tag-local","tag-mirc","tag-mysql","tag-port","tag-remote","tag-ssh","tag-tcp","tag-tunnel","tag-tunnelling"],"_links":{"self":[{"href":"https:\/\/www.zulutown.com\/blog\/wp-json\/wp\/v2\/posts\/85","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.zulutown.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.zulutown.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.zulutown.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.zulutown.com\/blog\/wp-json\/wp\/v2\/comments?post=85"}],"version-history":[{"count":6,"href":"https:\/\/www.zulutown.com\/blog\/wp-json\/wp\/v2\/posts\/85\/revisions"}],"predecessor-version":[{"id":94,"href":"https:\/\/www.zulutown.com\/blog\/wp-json\/wp\/v2\/posts\/85\/revisions\/94"}],"wp:attachment":[{"href":"https:\/\/www.zulutown.com\/blog\/wp-json\/wp\/v2\/media?parent=85"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.zulutown.com\/blog\/wp-json\/wp\/v2\/categories?post=85"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.zulutown.com\/blog\/wp-json\/wp\/v2\/tags?post=85"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}