hfeeki
2013-02-01 17:28:21 +08:00
Reverse SSH Tunneling Network
Don’t have VPN access, but still want a secure way to connect between two networks? If so, read on to see how this can be done even if the remote site is blocking SSH with a firewall. This article assumes that you already have SSH servers set up on both the remote and local sites. If not, it should be pretty straightforward to set up an SSH server on Windows with OpenSSH for Windows, or on Linux with the commands below, run from a terminal window. The complete setup of an SSH server is out of the scope of this article, so please refer to the man pages or other online documentation.
#RedHat, Fedora, CentOS..most RPM based distros
yum install openssh-server openssh-client
#Ubuntu and other Debian based distros
sudo apt-get install openssh-server openssh-client
Setting up the Remote SSH Server's connection to the Local SSH Server
Here we are going to establish an SSH connection from the Remote SSH Server to the Local SSH Server. The following is the structure and breakdown of the command.
ssh -l <1> -nNT -f -R <2>:<3>:<4> <5> -p <6>
-l Login name
-f Requests ssh to go to background just before command execution.
-n This must be used when ssh is run in the background.
-N Do not execute a remote command.
-T Disable pseudo-tty allocation.
<1> user account the Remote SSH Server logs in as
<2> local SSH Server listening port
<3> Remote SSH Server internal IP
<4> Remote SSH Server port
<5> local SSH Server public IP (this is NATed to the internal SSH server on port 22)
<6> local SSH Server public port that SSH is reachable on (443 in the example, a port the remote site's firewall lets out)
EXAMPLE:
ssh -l jsmith -nNT -f -R 1100:192.168.2.11:22 1.1.1.1 -p 443
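The reverse-tunnel step above, wrapped in a small script that re-establishes the tunnel when it drops. This is an added example and not part of the original post. It uses the article's example values (jsmith, 1.1.1.1, port 443, 1100:192.168.2.11:22) and adds two ssh options the article does not use: ExitOnForwardFailure=yes, so ssh fails loudly if port 1100 cannot be bound on the Local SSH Server instead of quietly running without the forward, and ServerAliveInterval/ServerAliveCountMax so a dead link is detected and the loop reconnects. The -f flag is left out on purpose so the retry loop can see ssh exit. The RUN_TUNNEL and DRY_RUN variable names are this script's own; run it on the Remote SSH Server with RUN_TUNNEL=1.

```shell
#!/bin/sh
# Added example (not from the original post): keeps the reverse tunnel from the
# Remote SSH Server to the Local SSH Server alive. Values are the article's.

LOCAL_USER="jsmith"                # <1> account the Remote SSH Server logs in as
REVERSE_PORT="1100"                # <2> port opened on the Local SSH Server
REMOTE_INTERNAL_IP="192.168.2.11"  # <3> this Remote SSH Server's own address
REMOTE_SSH_PORT="22"               # <4> this Remote SSH Server's sshd port
LOCAL_PUBLIC_IP="1.1.1.1"          # <5> Local SSH Server public IP
LOCAL_PUBLIC_PORT="443"            # <6> public port NATed to the Local SSH Server

# The -R specification: listen on REVERSE_PORT at the Local SSH Server and
# hand each connection to this host's sshd.
reverse_spec() {
    printf '%s:%s:%s' "$REVERSE_PORT" "$REMOTE_INTERNAL_IP" "$REMOTE_SSH_PORT"
}

# Print the command instead of running it when DRY_RUN=1 (useful to review
# exactly what will be executed before leaving it running unattended).
run_ssh() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

# One foreground tunnel session. -nNT as in the article; -f deliberately
# omitted so keep_reverse_tunnel can observe the exit status.
reverse_tunnel() {
    run_ssh ssh -nNT \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=30 -o ServerAliveCountMax=3 \
        -l "$LOCAL_USER" -R "$(reverse_spec)" -p "$LOCAL_PUBLIC_PORT" "$LOCAL_PUBLIC_IP"
}

# Translate ssh's exit status into a readable reason for the log.
# ssh itself exits 255 on connect, auth or (with ExitOnForwardFailure) bind
# errors; any other status comes from the remote side closing the session.
tunnel_exit_reason() {
    case "$1" in
        0)   echo "session closed cleanly" ;;
        255) echo "ssh could not connect, authenticate or bind the -R port" ;;
        *)   echo "remote side ended the session (status $1)" ;;
    esac
}

# Reconnect whenever the session ends (link drop, Local SSH Server restart).
keep_reverse_tunnel() {
    while :; do
        rc=0
        reverse_tunnel || rc=$?
        echo "$(date '+%F %T') tunnel down: $(tunnel_exit_reason "$rc"); retrying in 10s" >&2
        sleep 10
    done
}

# Only start the loop when explicitly asked, so the file can also be sourced.
if [ "${RUN_TUNNEL:-0}" = 1 ]; then
    keep_reverse_tunnel
fi
```

Check the generated command first with `DRY_RUN=1 RUN_TUNNEL=1 sh reverse_tunnel.sh` (it prints the ssh line and, having "succeeded", loops; stop it with Ctrl-C), then run it for real under a service manager or in a screen/tmux session on the Remote SSH Server.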
Establishing SSH Connection from Local SSH Server to Remote SSH Server
Now that the connection is established from the Remote SSH Server to the Local SSH Server (which is now listening on port 1100), we can log in to the Remote SSH Server through the reverse SSH tunnel. First verify that the tunnel is set up and listening on port 1100 on the Local SSH Server by running the following as root:
netstat -tupnl | grep :1100
#This should return the following:
# tcp 0 0 127.0.0.1:1100 0.0.0.0:* LISTEN
Now that you have verified that the port is up and listening, run the following from the Local SSH Server's terminal:
ssh -D 192.168.1.11:1234 -p 1100 localhost
This logs you in to the Remote SSH Server and also sets up another listening port (1234) that will be used later for SOCKS proxy connections. When prompted for a password, log in with the password of the Remote SSH Server's account; in this example it would be the password for the user jsmith.
Setting up Port Forwarding for RDP on the Local SSH Server
This one is a little tricky. We are now going to set up the Local SSH Server to forward all requests it receives on port 3389 through the reverse SSH tunnel (established on port 1100 of the Local SSH Server) and on to the Remote App Server. From the terminal of the Local SSH Server, type the following:
ssh -L 192.168.1.11:3389:192.168.2.10:3389 <Remote SSH Server user>@localhost -p 1100
Now check whether port 3389 is listening on the Local SSH Server.
netstat -tupnl | grep :3389
#This should return the following (the -L forward was bound to 192.168.1.11, so that is the address shown):
# tcp 0 0 192.168.1.11:3389 0.0.0.0:* LISTEN
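The two netstat checks above (port 1100 and port 3389), plus the SOCKS port 1234, done by a script instead of by eye. This is an added example, not part of the original post. The netstat lines inside it are constructed sample output, and the function names and the --live flag are this script's own. It reads either `netstat -tupnl` or `ss -ltnp` output. The check that matters for security is the address, not just the port: the -R port must show up on 127.0.0.1, as in the article's output, because a wildcard bind (GatewayPorts yes in the Local SSH Server's sshd_config) would let anything that can reach that host's interfaces use the tunnel into the remote site.

```shell
#!/bin/sh
# Added example (not from the original post): verifies the tunnel listeners
# on the Local SSH Server and flags a reverse port bound to all interfaces.

# Constructed sample of `netstat -tupnl` on the Local SSH Server with all
# three sessions from the article up (1100 by sshd, 1234 and 3389 by ssh).
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:1100          0.0.0.0:*               LISTEN      2143/sshd: jsmith
tcp        0      0 192.168.1.11:3389       0.0.0.0:*               LISTEN      2190/ssh
tcp        0      0 192.168.1.11:1234       0.0.0.0:*               LISTEN      2177/ssh
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1011/sshd'

# listening_addr PORT  (netstat/ss output on stdin)
# Prints the local address:port of the LISTEN socket on PORT, or nothing.
# Scans every field for a ":PORT" suffix so the column layout does not matter.
listening_addr() {
    port="$1"
    awk -v p=":$port" '
        /LISTEN/ {
            for (i = 1; i <= NF; i++)
                if (substr($i, length($i) - length(p) + 1) == p) { print $i; exit }
        }'
}

# check_listener PORT EXPECTED_ADDR  (netstat/ss output on stdin)
# Returns 0 only if PORT is listening on exactly EXPECTED_ADDR.
check_listener() {
    want="$2:$1"
    got="$(listening_addr "$1")"
    if [ "$got" = "$want" ]; then
        echo "ok: $want is listening"
        return 0
    fi
    case "$got" in
        0.0.0.0:*|\*:*|\[::\]:*)
            echo "WARNING: port $1 is bound to all interfaces ($got); set GatewayPorts no in sshd_config for -R ports, or give -L/-D an explicit bind address" >&2 ;;
    esac
    echo "FAIL: expected listener on $want, found '${got:-none}'" >&2
    return 1
}

# verify_tunnels  (netstat/ss output on stdin)
# Checks all three ports from the article; returns 1 if any check fails.
verify_tunnels() {
    data="$(cat)"
    status=0
    printf '%s\n' "$data" | check_listener 1100 127.0.0.1   || status=1   # -R reverse port
    printf '%s\n' "$data" | check_listener 1234 192.168.1.11 || status=1   # -D SOCKS port
    printf '%s\n' "$data" | check_listener 3389 192.168.1.11 || status=1   # -L RDP forward
    return $status
}

# With --live read the real socket table (root needed for -p); otherwise run
# against the constructed sample so the script demonstrates itself offline.
if [ "${1:-}" = "--live" ]; then
    { netstat -tupnl 2>/dev/null || ss -ltnp; } | verify_tunnels
else
    printf '%s\n' "$SAMPLE_NETSTAT" | verify_tunnels
fi
```

Run `sudo sh verify_tunnels.sh --live` on the Local SSH Server after the three ssh sessions are up; a non-zero exit means one of the forwards is missing or bound to the wrong address.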
Remote Desktop into Remote App Server via RDP from Local Workstation
Now that everything is set up, you should be able to remote desktop into the Remote App Server by pointing your RDP client, on the Local Workstation, at the IP address of the Local SSH Server (i.e. 192.168.1.11).
Using Socks Proxy on Local Workstation to connect to Remote App Server
Earlier, when we made our original connection to the Remote SSH Server, we opened port 1234 for the local network to connect to. To bring up a web page running on any server on the remote network, configure the browser on your Local Workstation to use a SOCKS5 proxy at the IP address of the Local SSH Server (192.168.1.11) and port 1234. Voilà! You have now set up a reverse SSH tunnel with the ability to RDP and bring up web pages on the remote site.
Please comment with any questions you might have, corrections I need to make, or if you have a better way of doing it. I hope that I have explained this well enough to understand, but if not, please let me know.