Overview

Previously I wrote a SSH Tunnel Tips that introduced some SSH tunneling techniques, but it lacked context and coherence, so I’ve reorganized it here and presented a network topo diagram. A better explanation of what I’m doing.

Network Basics

Suppose my network situation is a simplification of this Topo.

The following is a list of the most important things you can do for your business.

So here are a few possible operations.

  • Direct SSH Office PC from Home PC
    • From Office PC SSH to Home PC Same as above
  • Direct SSH from Home PC to VPS
    • From Office PC SSH to VPS same way.
  • From VPS SSH to Home (Office) PC

Among these scenarios, the easiest one to implement is: SSH from Home PC to VPS, which is also the most common operation we usually do. The reason why we can easily implement this principle is that the VPS has a public IP, so we can route directly from the Home PC to the VPS.

As you can see in the figure above, simply put, the difference between PC and VPS lies in the fact that the PC is connected to the router once, so if the PC intervenes in the ISP network directly, can it have a public IP? However, with the spread of fiber optics, even if you don’t use a router, you are not directly intervening in the ISP’s backbone, but rather in one of the ISP’s splitters, such as the FTTB series. So, the idea of having a PC (router) have public IP is not universal, and even if it did, the ISP would probably restrict it to a few ports, so it would not be used much.

SSH Tunneling

So, to get to the point of this article, since you can’t connect to the PC directly, can you do the opposite and let the PC initiate the request itself, which is the principle of SSH tunneling.

  1. [root@liqiang.io]# ssh -qngfNTR 9999:localhost:8888 root@192.168.29.48

Command Line Quick Use

  1. [root@liqiang.io]# cat ~/.ssh/config
  2. Host jump
  3.   HostName 10.0.0.102
  4.   Port 22
  5.   User root
  6.   IdentityFile /root/.ssh/id_rsa
  7.   ForwardAgent yes
  8. Host 10.0.0.87
  9.   HostName 10.0.0.87
  10.   ProxyJump jump
  11.   User zhangsan
  • The first thing you need to do is make sure you can log in directly to the jumper: 10.0.0.102.
  • 10.0.0.87 is accessed via the 10.0.0.102 hopper.

Tips

The reverse tunnel listens only to localhost.

  1. [root@liqiang.io]# cat /etc/ssh/sshd_config
  2. GatewayPorts = yes

Proxy UDP

Reverse Proxy

  • Local Machines.

    1.   [root@liqiang.io]# yum install -y nc
    2.   [root@liqiang.io]# mkfifo /tmp/fifo
    3.   [root@liqiang.io]# nc -l -p 1162 < /tmp/fifo | nc -u localhost 1163 > /tmp/fifo

    This means listening to the data coming from port 1162 on the machine and sending it to localhost:1163 in the form of UDP.

  • Remote Machine

    1.   [root@liqiang.io]# mkfifo /tmp/fifo
    2.   [root@liqiang.io]# nc -l -u -p 1163 < /tmp/fifo | nc localhost 1162 > /tmp/fifo

    This means listening on the machine for UDP protocol on port 1163 and then sending out the received UDP traffic over the TCP link localhost:1162.

  • Points to note

    • You must execute the command locally before going to a remote server, otherwise the server side will not work properly because there is no data.
    • One of the problems I have encountered is that this way I can only receive UDP once, and the second time I cannot receive it successfully.
    • This is an example of a reverse proxy, where the forward proxy is the reverse.

Ref