[ALUG] SSH tunnelling

Chris Green cl at isbd.net
Tue Mar 28 09:23:17 BST 2017

On Tue, Mar 28, 2017 at 09:02:26AM +0100, Mark Rogers wrote:
> I need to access the web server on a VM in my office, from my laptop.
> I have SSH access to an intermediate PC and from there to the VM.
> Ie: Laptop -> PC -> VM
> How do I set up a tunnel from laptop through PC to VM to give me
> access to port 80 on the VM?
> If relevant: Each of the two SSh connections will require (different)
> user/password.
I use an ssh tunnel to access a little system on my boat, the
fundamental bit is that the system you're trying to access has to set up
a tunnel by connecting 'outwards' with something like:-

    ssh -R 50022:localhost:22 -N -l timetode shell.gridhost.co.uk

This command is run on the remote system, i.e. you'd run it on your
machine in the office.  In your case it would be:-

    ssh -R 54321:localhost:80 -N yourlogin at intermediate.pc

as you want to get at port 80 rather than the default 22 for ssh.

I also connect via an intermediate machine, thus I have in my ssh
.config file:-

host odin 
    ProxyCommand ssh cheddar nc -q0 localhost 54321

where cheddar is the intermediate system.

I then simply say 'ssh odin' and it asks for two passwords, before
connecting.  I know this isn't quite everything for you because you
are wanting to connect to port 80.  I'm not sure *quite* where you'd
enter the passwords.

On the remote (your office) system I use autossh to maintain the
outgoing ssh tunnel.  This requires passwordless access to the
intermediate system if you want it to run unattended.

I hope this all makes some sense and helps, feel free to ask for more
details or tell me I'm barking up the wrong tree because the difficult
bit is getting it to work on port 80.

Chris Green

More information about the main mailing list