Setting up an SSH tunnel on Linux can be a useful way to protect your online privacy and security. An SSH tunnel encrypts your internet traffic and routes it through a secure tunnel to a remote server, making it virtually impossible for anyone to intercept or read your data. In this article, we’ll show you how to set up an SSH tunnel on Linux using the command line.
What You’ll Need
Before we get started, you’ll need a few things:
- A Linux computer
- Access to a remote server that supports SSH
Basic SSH Command
First, open a terminal window on your Linux computer. You can do this by pressing Ctrl+Alt+T or by navigating to your applications menu and searching for “Terminal”.
To set up an SSH tunnel on Linux, we’ll use the ssh command. The basic syntax for the ssh command is as follows:
1 | ssh [user@]hostname [-p port] [command] |
Here’s what each part of the command does:
- [user@]hostname: The remote server you want to connect to. You can specify the username to use for the connection before the hostname, like this: username@hostname.
- [-p port]: The port number to use for the SSH connection. By default, SSH uses port 22, but you can specify a different port number if necessary.
- [command]: The command you want to run on the remote server. In this case, we’re going to create an SSH tunnel, so we don’t need to specify a command.
Set Up the Local SSH Tunnel
Local SSH tunneling is used to forward a local port to a remote server. For example, if you have a web server running on your local machine that you want to access from a remote server, you can use local SSH tunneling to forward the web server’s port to the remote server. Here’s an example:
1 | ssh -L [local_port]:[remote_host]:[remote_port] [user@]hostname -p [port] |
Here’s what each part of the command does:
- -L [local_port]:[remote_host]:[remote_port]: Specifies the local port number to use for the SSH tunnel (local_port), the remote host and port number to connect to through the SSH tunnel (remote_host:remote_port).
- [user@]hostname: The remote server you want to connect to. You can specify the username to use for the connection before the hostname, like this: username@hostname.
- -p [port]: The port number to use for the SSH connection. By default, SSH uses port 22, but you can specify a different port number if necessary.
For example, if you wanted to set up an SSH tunnel on port 8080 to access a web server on a remote server with the IP address 192.168.1.100, you would use the following command:
ssh -L 8080:localhost:80 [email protected] -p 22
This command sets up an SSH tunnel that maps the local port 8080 to the remote server’s port 80, allowing you to access the remote server’s web server on your local machine by navigating to “http://localhost:8080” in your web browser.
Set Up the Remote SSH Tunnel
Remote SSH tunneling is used to forward a remote port to a local machine. For example, if you have a database server running on a remote server that you want to access from your local machine, you can use remote SSH tunneling to forward the database server’s port to your local machine. Here’s an example:
ssh -R 3306:localhost:3306 [email protected]
This command forwards port 3306 on the remote server to port 3306 on your local machine. You can then connect to the database server running on the remote server by connecting to localhost:3306 on your local machine.
Set Up the Reverse SSH Tunnel
Reverse SSH tunneling is used to allow a remote server to connect to a local machine. For example, if you have a local machine running a web server that you want to allow access to from a remote server, you can use reverse SSH tunneling to create a secure connection between the two machines. Here’s an example:
On your local machine, run the following command:
ssh -R 8080:localhost:80 [email protected]
This command forwards port 8080 on the remote server to port 80 on your local machine. You can then access the web server running on your local machine by connecting to http://remote-server.com:8080.
By using SSH tunneling, you can securely access resources on remote servers and forward ports between machines without exposing them to the public internet.
Keep the SSH Tunnel Active
Remember that SSH tunnels require an active connection to the remote server in order to remain open. If the connection is interrupted for any reason, the tunnel will be closed and you’ll need to set it up again.
To avoid this, you can use a tool like autossh, which automatically reconnects the SSH tunnel if the connection is lost.
Conclusion
Setting up an SSH tunnel on Linux can be a useful way to protect your online privacy and security. By using the ssh command, you can easily create a secure tunnel to a remote server and route your internet traffic through it. By following the steps