If you are connecting with a different Linux device on a different network then you would have to expose it to the public internet and that may put your system and files at the risk. Therefore, SSH Tunneling is used to transmit data in a fast and secured manner from source to client machine and vice versa.
SSH Tunneling is a practice of creating a secured and encrypted SSH connection between a server machine and a client machine through which data can be transferred and service can be relayed. In our today’s article, we will see how to set up SSH Tunneling and route your traffic securely via SSH tunnels.
What is SSH Tunneling?
SSH Tunneling is the way of transmitting unencrypted traffic or data through an encrypted channel. Simply, you can say that it is a tunnel to transfer data from one place to another in a secure way. Apart from the file transmission, SSH Tunneling can also be used to access intranet services across firewalls and to implement VPN.
SSH Tunneling is also known as SSH Forwarding and it is an easy and effective way of transporting data that use an encrypted protocol(FTP), bypassing firewalls and accessing geographically restricted content.
SSH Port Forwarding are of three types:
- Local Port forwarding
- Remote Port Forwarding
- Dynamic Port forwarding
Local forwarding is the practice of forwarding a port from the client machine(Local SSH Client) to the remote machine(SSH Server) and then the connection is forwarded to another port of the destination machine.
SSH Client checks for the connection on a specific given port and when it receives a connection request, it tunnels the connection to a specific port on a remote SSH server. And then the server connects to a different destination machine on the configured port.
It is mainly used to connect to a remote service on an internal network from the outside like a database. It is also used for remote file share over the internet and through jump servers.
How to set up local port forwarding?
Let’s take an example that you are restricted by a firewall to access an application running on a remote server on port 3000. Now, we will forward a local port(i.e. 8080) to access the application locally.
-L is used to configure Local port forwarding
ssh [email protected] -L 8080:server1.example.com:3000
ssh -L [LOCAL_IP:]LOCAL_PORT:DESTINATION:DESTINATION_PORT [[email protected]]SSH_SERVER
- [LOCAL_IP:]LOCAL_PORT – The port number and IP address of the local machine. Any port number greater than 1024 can be used.
- DESTINATION:DESTINATION_PORT – The Port and IP address or hostname of the destination machine.
- [[email protected]]SERVER_IP – The username and server IP address of remote ssh user.
-f will instruct ssh to run in the background.
ssh -f -N [email protected] -L 8080:server1.example.com:3000
-N will instruct not to execute a remote command. [you will not get a shell in this case.]
ssh -N [email protected] -L 8080:server1.example.com:3000
Now, open a browser on your local machine and you can simply use localhost:8080 to access the remote application instead of accessing it using the address server.example.com:3000.
Remote port forwarding is the opposite of Local Port forwarding and enables you to connect to the local computer from your remote machine. SSH does not support remote port forwarding by default. So you need to enable it in your ssh config file.
Open the ssh config file in editing mode
sudo vim /etc/ssh/sshd_config
Search for the GatewayPorts and set it as yes.
Save the changes, exit edit mode, and restart your server.
sudo systemctl restart sshd
Now as you have enabled remote port forwarding. In open SSH we use the -R command to set up remote port forwarding.
ssh -R [REMOTE:]REMOTE_PORT:DESTINATION:DESTINATION_PORT [[email protected]]SSH_SERVER
- [REMOTE:]REMOTE_PORT – The IP address and the port number of the remote SSH server.
- DESTINATION:DESTINATION_PORT – The hostname and IP address of the destination machine.
- [[email protected]]SERVER_IP – The remote SSH username and IP address.
ssh -R 8080:127.0.0.1:3000 -N -f [email protected]
The SSH server will listen on port 8080 and will tunnel all traffic from 8080 to port 3000 on your local machine
Or, you can use the following command to forward port 5000 on the remote machine to port 3000 on the local machine.
ssh -f -N [email protected] -R 5000:localhost:3000
Remote port forwarding is mainly used to give access to someone from the outside to an internal service.
Dynamic Port Forwarding
The third and the last type of port forwarding is Dynamic Port Forwarding. Local and Remote Port forwarding allows you to tunnel and communicates with a single port but in Dynamic Port forwarding you can runnel and communicate with a range of ports.
It creates a socket on the local machine that works as a SOCKS proxy server or you can say It sets up your local machine as a SOCKS proxy server and by default, it listens on port 1080. When a server connects to this port, it is forwarded to the remote machine, then it is forwarded to the dynamic machine on a dynamic port.
What is SOCKS?
It is an Internet protocol that defines how a client machine can connect to a server via a proxy.
We can enable dynamic port forwarding with the -D option. Let’s understand port forwarding with an example-
ssh -D [LOCAL_IP:]LOCAL_PORT [[email protected]]SSH_SERVER
- [LOCAL_IP:]LOCAL_PORT – The IP address and port number of the local machine.
- [[email protected]]SERVER_IP – The remote server IP address and username.
Or this command will start a SOCKS proxy and will allow you to connect to the remote host.
ssh -f -N -D 1080 [email protected]
SSH Tunneling is a useful way to transfer unencrypted data through an encrypted tunnel. There are three options available in it and you can choose as per your needs.