killianfaughnan.com » tunneling http://killianfaughnan.com Just another WordPress site Wed, 23 Feb 2011 09:05:06 +0000 en hourly 1 SSH Forwarding http://killianfaughnan.com/2008/11/19/ssh-forwarding/ http://killianfaughnan.com/2008/11/19/ssh-forwarding/#comments Wed, 19 Nov 2008 23:08:36 +0000 kfaughnan http://killianfaughnan.com/?p=73 The basis for this particular article (and most of the info) came from one of the guys I work with, Gavin McCullagh, who I’m pretty sure knows more stuff than is good for him. It’s all pretty handy stuff, but can be irritating to get working

Forwarding X Server

If you want to forward an X session to another machine you can use the following command to do so.

  ssh -X remotepc.example.com

Now if we want to we can just start an application in the terminal session opened by the above command, and the application will run on the remote computer, but be displayed on our local machine. i.e. if you were to run nautilus on the remote server sshtest we would just type the following at the command prompt:

  remotepc$ nautilus

This is the same for most applications. You will need the application installed on both machines however. Also note that firefox requires additional switches in order to run in this fashion as you can see below.

  remotepc$ firefox -noshm

Double Forwarding X Server

It is possible to string multiple ssh sessions together in order to run an application on a machine in an otherwise unreachable location. For instance if you wanted to run firefox on a machine that was behind a firewall, to access a locally restricted site, but the firewall would only allow ssh from particular machines outside the network. In this instance you could ssh to the machine which is allowed past the firewall, and then set up a second ssh session to connect to the machine inside the firewall, and run firefox through the connection. See below:

  ssh -CtX outsidepc.example.com ssh -X insidepc.example.com firefox -noshm

In the above command we are using a couple of switches. These are

-C  This will compress the connection
-t  The -t option will instruct ssh to open a new terminal upon connection.
    This is required if you want to string ssh sessions together
-X  This will pass the X aapplication through the connection

Port Forwarding

You can use ssh to forward ports from a remote machine to your own. The main application I would use this for myself if for retrieving my gmail in mutt while in work as we block the required ports. To do this I would issue something like the following command:

ssh -gL 192.168.1.1:993:imap.googlemail.com:993 -gL
 587:smtp.googlemail.com:587 killian@example.com

In this example the server at.example.com should be a machine on which it is possible to access these ports. i.e. either a machine with access through the firewall or in your DMZ. Once you have used this command you can just open up your email client normally and the port on the remote pc will listen for connections and they will then be passed on to your own machine.

]]> http://killianfaughnan.com/2008/11/19/ssh-forwarding/feed/ 0