Wednesday, 25 July 2012

The joys of SSH tunnels

We all know how to use a simple SSH tunnel to remote desktop to a machine hidden behind a firewall.

For example, create a tunnel to server1 to be able to RDP onto server2. In this example we'll use port 6000, so make sure nothing is running on that port on server1 first:
  • Use PuTTY to SSH onto server1
  • Within PuTTY create a local tunnel with a source port of 6000 and a destination of server2:3389
  • Now point your RDP client to localhost:6000 and your connection to server2 magically opens

Now let's extend that to 2 tunnels. In this example we can't directly reach server2, which is the machine that can reach our Windows box called server3. We'll create a tunnel to server1, then another tunnel from server1 to server2, and finally server2 will create the connection to server3. Again we'll use port 6000, so check it's not being used on either server1 or server2.
  • Use PuTTY to SSH onto server1
  • Within PuTTY create a local tunnel with a source port of 6000 and a destination of localhost:6000
  • Now connect to server2 from server1 like this:
      ssh -L 6000:server3:3389 server2
  • Once your SSH session opens, fire up remote desktop and point to localhost:6000 and your connection to server3 appears before your eyes.
SSH tunnels are truly wonderful.
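
Both walkthroughs ask you to confirm that port 6000 is unused on each hop before forwarding. The script below is an added example, not part of the original post: the hypothetical helper `classify_port` reads `ss -ltn` output and, beyond free or in use, reports whether an existing listener is loopback-only or reachable from other hosts, which matters because a forward bound to a wildcard address hands the RDP endpoint to the whole network segment. The listener lines are constructed sample data.

```shell
#!/bin/sh
# classify_port PORT  (hypothetical helper, added example)
# Reads `ss -ltn` style lines on stdin and prints one word:
#   free      nothing is listening on PORT
#   loopback  listeners on PORT are bound to 127.0.0.1 or [::1] only
#   exposed   at least one listener on PORT is bound to a wildcard
#             or other non-loopback address
classify_port() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            laddr = $4                              # "Local Address:Port" column
            p = laddr; sub(/^.*:/, "", p)           # text after the last colon
            if (p != port) next
            host = laddr; sub(/:[^:]*$/, "", host)  # text before the last colon
            if (host == "127.0.0.1" || host == "[::1]") { loopback = 1 } else { exposed = 1 }
        }
        END {
            if (exposed) { print "exposed" } else if (loopback) { print "loopback" } else { print "free" }
        }'
}

# Constructed sample: sshd on all interfaces, plus an SSH local forward
# already holding port 6000 on the loopback addresses.
sample_listeners() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      128        127.0.0.1:6000      0.0.0.0:*
LISTEN 0      128            [::1]:6000         [::]:*
EOF
}

for port in 6000 3389 22; do
    printf '%s: %s\n' "$port" "$(sample_listeners | classify_port "$port")"
done

# On a live hop, feed it real data instead:  ss -ltn | classify_port 6000
```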