Created Sun Jun, 09 2019 at 11:40AM
ssh -T firstname.lastname@example.org
SSH Tunneling basically creates a secure encrypted network tunnel where traffic is either forwarded from your local machine to a remote machine (local), or requests destined for a remote host are intercepted and sent down to your local machine (remote).
Usage examples: - I want run a development instance on a server, but call it on my remote machine - I want to tunnel my routers webUI (which is not accessible outside of the internal LAN)
ssh -L -N 5000:localhost:8080 user@remote # forwarding 8080 from remote server to localhost 5000 ssh -L -N 5000:192.168.100.1:443 user@remote # forwarding another machines https (port 443) through user@remote to localhost:5000
Usage example: I want to push my local development instance up to a public server so a remote client can see & interact with it.
ssh -L -N 8080:localhost:8080 user@server
If you want that forwarded port to be available to everyone try 0.0.0.0:8080:localhost:8080, if that doesn't work install socat and do this:
ssh -R 8080:localhost:8080 -N email@example.com socat TCP-LISTEN:5000,fork TCP:127.0.0.1:8080 # this makes port 5000 available globally i.e. *:5000
One of the first things I do when connecting to a new server is add it to my ssh config. This makes it super easy to connect to the same host in the future. There are many advanced options you can set per host as demonstrated below.
# most simple example. You can just type `ssh simple`, but what this config does is `ssh fl-pr-usawest.003-oof.somelong-not-so.simple.com` Host simple HostName fl-pr-usawest.003-oof.somelong-not-so.simple.com User jwick # this example shows wildcard for IP # you can even use more than one wildcard 10.0.*.* for example Host 172.16.16.* StrictHostKeyChecking no UserKnownHostsFile /dev/null # Here we see non-standard (22) port + keyfile authenication Host ec2foo HostName 192.168.56.3 User admin Port 5000 IdentityFile ~/.ssh/id_rsa # MacOS keychain, see bullet below to add your key to keychain. Host git HostName gitrepo.local User git PreferredAuthentications publickey IdentityFile /Users/barney/.ssh/gitrepo_key UseKeychain yes # UseKeychain seems like a MacOS thing, ymmv AddKeysToAgent yes # Here we have an old ssh server where we have to specify unused ciphers + server keep alives if your device is set to kill old connections Host fw1 HostName 10.0.0.1 Ciphers="3des-cbc" KexAlgorithms="diffie-hellman-group1-sha1" User netadmin ServerAliveInterval 300 ServerAliveCountMax 2
ssh-add -K ~/.ssh/[your-private-key]