SSH proxies and tunnels

SSH is a fantastic tool. Imagine you have a server at work ( that you can SSH into, but you have no other access to your company network. Try the following SSH tricks:

ssh -D 9999

Opens a SOCKS proxy. If you tell your browser to use localhost:9999 as SOCKS proxy, you can now browse your companies internal web pages.

ssh -L 2222:internalserver.intranet:22

Now you can do ssh to localhost, port 2222, and that will log you on to internalserver, even if internalserver is only accessible from server, not from where your computer is now. Port 2222 on home computer is forwarded to port 22 on internalserver. This works with any other port/protocol (IMAP, OpenVPN, HTTP).

Now imagine you cant SSH to any computer at your work, but you can do SSH out of work, to your home computer. Then you can try (at work):

ssh -R 2222:localhost:22

Now, if you ssh to, it will take you to your computer at work. Port 2222 on is forwarded to port 22 on work computer.

Finally, to keep that last connection up, there is a clever program named autossh, which automatically reconnects if needed.

Dont break any company policies!

Leave a Comment

NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Time limit is exhausted. Please reload CAPTCHA.

This site uses Akismet to reduce spam. Learn how your comment data is processed.