-ssh Tunneling = port forwarding = poor man's vpn = a way to forward otherwise insecure tcp traffic through ssh.
-Utility of ssh Tunneling = allows users to access securely their company data while remote (home, internet, etc)
-as long as the user has an ip conn to the Internet, he can connect to the remote server securely.
-ssh with -L option allows to tunnel ssh connection.
-using one hostA to connect securely to another hostB (ie via hostA)
clientA# ssh -L local_port:hostA:dest_port hostB
ie: clientA-----hostA====hostB
ie: user on clientA authenticates on hostA but securely connects to hostB.
ie: it is a way for people inside a firewall or proxy to bypass the firewall restrictions and get to the computers in the outside world.
Additional notes:
-ssh with -X option is a type of ssh tunneling. This makes use of ssh to Tunnel X Windows remotely -- note that X is an insecure protocol.
-Default port for X is 6000. If this port is blocked, a workaround is to run ssh with -X option to display X output.
-Example: User mrinal wants to connect from Local node A running X server (and ssh Client) to node B running X client and ssh Server)
On Node A:
$ ssh -X mrinal@nodeB -- user mrinal starts ssh Tunnel between node A & node B
-ssh with a lowercase -x disables the ssh tunneling and is not supposed to be used.
No comments:
Post a Comment