ssh reverse tunnel for external internet
Today I needed to create an ssh reverse tunnel, so when someone connects to a server's port, he is forwarded to my PC's port. A usual thing, nothing special.
I googled a bit and found a lot of examples.
ssh -R 8888:localhost:80 user@host.com
So when a TCP connection is opened to host.com:8888, it actually gets forwarded to my localhost:80.
Pretty simple. But it did not work.
After googling and googling and finding all the same simple but non-working examples, I finally did the right thing: reading the manual.
It turned out that when the server-side bind address is not specified (as in my case), sshd binds the forwarded port to 127.0.0.1, which is not reachable from the outside internet. You can specify * or an empty string as the bind address to make sshd bind to all interfaces, or specify a particular IP address to bind to, but any of these will work only if the sshd server has GatewayPorts enabled.
Okay, after adding the following line
GatewayPorts yes
to /etc/ssh/sshd_config and restarting sshd, it started to work. The command is:
ssh -R '*:8888:localhost:80' user@host.com
One more little thing learned.
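A check to run on the server once the tunnel is up, as an added example that is not part of the original post: it reports whether the forwarded port is listening on loopback only or on an externally reachable address, and reads the effective GatewayPorts value. The helper names and the sample `ss -tln` / `sshd -T` outputs are constructed for illustration; on a real host, pipe the live command output in.

```shell
#!/bin/sh
# Added example: helper names and sample outputs below are constructed.

# listener_scope PORT   (reads `ss -tln` output on stdin)
# Prints: none | loopback | exposed
listener_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" && match($4, /:[0-9]+$/) {
            addr = substr($4, 1, RSTART - 1)
            if (substr($4, RSTART + 1) != port) next
            found = 1
            # Anything other than 127.0.0.0/8 or ::1 is reachable off-host.
            if (addr !~ /^127\./ && addr != "[::1]") exposed = 1
        }
        END { print (!found ? "none" : (exposed ? "exposed" : "loopback")) }'
}

# gatewayports_mode   (reads `sshd -T` output on stdin)
# Prints the effective value: no | yes | clientspecified | unknown
gatewayports_mode() {
    awk '$1 == "gatewayports" { v = $2 }
         END { print (v == "" ? "unknown" : v) }'
}

# Constructed sample: forward opened without a bind address.
SS_DEFAULT='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:8888     0.0.0.0:*
LISTEN 0      128    [::1]:8888         [::]:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*'

# Constructed sample: wildcard bind address with GatewayPorts enabled.
SS_WILDCARD='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:8888       0.0.0.0:*
LISTEN 0      128    [::]:8888          [::]:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*'

# Constructed sample: excerpt of effective sshd configuration.
SSHD_T='port 22
gatewayports no
permitrootlogin no'

printf 'default forward : %s\n' "$(printf '%s\n' "$SS_DEFAULT" | listener_scope 8888)"
printf 'wildcard forward: %s\n' "$(printf '%s\n' "$SS_WILDCARD" | listener_scope 8888)"
printf 'GatewayPorts    : %s\n' "$(printf '%s\n' "$SSHD_T" | gatewayports_mode)"

# On a real server:
#   ss -tln | listener_scope 8888
#   sudo sshd -T | gatewayports_mode
```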