HOME EDUCATION PROJECTS & PUBLICATIONS MEDIA BLOGS

BLOGS

SSH Forwarding

Published Apr 17, 2020 - Author: zgxsin

Share

I will talk about ssh forwarding in this blog. The main content contains local forwarding and remote forwarding. I will take the coder_server as an example in the end.

Local Forwarding

SSH local forwarding is to forward a port from local machine to the remote machine. The local machine is where you set up SSH connection. Local forwarding is set up with the -L option. The command to set up local forwarding is:

# Run this command in your machine (local machine).
ssh user_name@ssh_connected_ip_address -L  local_port_number:localhost:remote_port_number

This will forward any connection to local_port_number of your local machine to the remote_port_number of the remote machine, which is user_name@ssh_connected_ip_address in this case. For example, if someone connects to your computer with a web browser, he/she gets the response of the web server running on remote machine if applicable (the port number is set according and the web server is running in the remote machine)

In the above example, the localhost is the remote machine. They can also be different.

# Run this command in your machine (local machine).
ssh user_name@ssh_connected_ip_address -L  local_port_number:forwarded_host:forwarded_port_number

The above command set up the ssh connection between the local machine and the remote machine (user_name@ssh_connected_ip_address). It will forward any connection to the local_port_number of the local machine to forwarded_port_number of the forwarded_host, which can be reached by the remote machine.

Below is a screenshot demonstrating the above concept. The remotehost in the image is actually the remote machine in our code above. Take care of the arrow in the image. It means the direction of forwarding.

Remote Forwarding

SSH remote forwarding is to forward a port from remote machine to the local machine. The local machine is where you set up SSH connection. Remote forwarding is set up with the -R option. The command to set up remote forwarding is:

# Run this command in your machine (local machine).
ssh user_name@ssh_connected_ip_address -R  remote_port_number:localhost:local_port_number

This will forward any connection to remote_port_number of your remote machine (user_name@ssh_connected_ip_address) to the local_port_number of the local machine. For example, if someone connects to the remote machine with a web browser, he/she gets the response of the web server running on the local machine if applicable (the port number is set according and the web server is running in the local machine).

In the above example, the local host is directly the local machine. They can be different as well.

# Run this command in your machine (local machine).
ssh user_name@ssh_connected_ip_address -R  remote_port_number:forwarded_host:forwarded__port_number

The above command set up the ssh connection between the local machine and the remote machine (user_name@ssh_connected_ip_address). It will forward any connection to the remote_port_number of the remote machine to forwarded_port_number of the forwarded_host, which can be reached by the local machine.

Below is a screenshot demonstrating the above concept. The remotehost in the image is actually the remote machine in our code above.

Example with Code Server

Code server is a popular open source work to run VS Code in the remote server, which is accessible by a web browser in different devices.

Here is how I configure coder server:

# Step 1. SSH into my remote server using ssh local forwarding. Make sure the remote server is running ssh server beforehand.
# I use port 8443 in my case
ssh user_name@remote_server_ip_address -L 8443:localhost:8443

# Step 2. Download coder server.

# Now you ssh into your remote server.

# Download the latest code server release file. You need to choose the file based on your machine type.

wget https://github.com/cdr/code-server/releases/download/3.1.1/code-server-3.1.1-linux-x86_64.tar.gz

# Uncompress the file

tar xvf code-server-3.1.1-linux-x86_64.tar.gz

# Go to the uncompressed folder

cd code-server-3.1.1-linux-x86_64/

# Step 3. Start code server in the remote server.

# Run code server with the consistent port number with ssh local forwarding.

./code-server --port 8443

info code-server 3.1.1 28e91ba70cd70fa9adf3f2e3e3b87631b5667ecf
info HTTP server listening on https://127.0.0.1:8443
info - Password is XXXXXXXXXXXXX
info - To use your own password set the PASSWORD environment variable
info - To disable use `--auth none`
info - Not serving HTTPS
info Automatic updates are enabled
info SSH server listening on localhost:33253
info - To disable use `--disable-ssh`

# Step 4. Open a browser in your local machine to visit the VS Code running in the remote server.

Open the browser in the local machine and visit localhost:8443

Finally, you need to enter your password to visit VS Code running in the remote server.

Reference

  1. https://unix.stackexchange.com/questions/115897/whats-ssh-port-forwarding-and-whats-the-difference-between-ssh-local-and-remot