Friday, June 27, 2014

Digging Tunnels

So, let’s say that we want to access machine Y by going through an intermediate server, machine X. We also need to run an application with a graphical user interface and access a couple of servers on different ports (let’s say 7001 and 7003) on the target machine (server Y).

In the first step we will create a connection to the management server (machineX) and set up a tunnel from local port 10001 to remote port 22. The command that creates the connection and the tunnel is:

ssh -f -N userx@machineX -L 10001:machineY:22

We use the -f option to put the SSH connection in the background, -N so that no remote command is run (-f needs either a command or -N), and -L 10001:machineY:22 to create the tunnel. We use 10001 for the local port number and not 22 because only root can bind local ports below 1024.

Once we have this connection we can create the other tunnels (for 7001 and 7003) and forward the X11 display.

ssh -X -p 10001 usery@localhost -L7001:machineY:7001 -L7003:machineY:7003

The command above creates multiple tunnels in one go and also forwards the X11 display. You can then access the target machine's services using localhost:7001 and localhost:7003.
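
The same chain can also be declared once in ~/.ssh/config. This is an added example, not part of the original post: it assumes OpenSSH 7.3 or later (for ProxyJump), and the aliases hop-x and target-y are made up for the illustration.

```sshconfig
# ~/.ssh/config (added example; the aliases "hop-x" and "target-y" are hypothetical)

# First hop: the management server, machine X.
Host hop-x
    HostName machineX
    User userx

# Target: machine Y, reached through machine X.
Host target-y
    HostName machineY
    User usery
    # Replaces the manual 10001 -> machineY:22 tunnel: ssh opens the hop itself,
    # so no background ssh process is left running on port 10001.
    ProxyJump hop-x
    # Same forwards as -L7001:machineY:7001 and -L7003:machineY:7003, with the
    # bind address stated explicitly so the listeners stay on loopback and
    # other hosts on the local network cannot connect to them.
    LocalForward 127.0.0.1:7001 machineY:7001
    LocalForward 127.0.0.1:7003 machineY:7003
    # Same as -X: untrusted X11 forwarding. Set explicitly because some
    # distributions change the default of ForwardX11Trusted.
    ForwardX11 yes
    ForwardX11Trusted no
    # Fail the connection if port 7001 or 7003 cannot be bound locally,
    # instead of logging in with a forward silently missing.
    ExitOnForwardFailure yes
```

With this in place, running ssh target-y logs in to machine Y through machine X and sets up both forwards and the X11 display in one step.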