SSH Tunnelling

the most famous method is using D parameter in ssh connection to bind a port local in your machine and this port tunnel back to our remotebox
to send our traffic to this server

example

then you can configure your application and browser to use the your local ip 127.0.0.1 with the port 1337 to send traffic to the remote server

this is the traditional tunnelling way

lets make bigger scenario

lets assume that we have access to box with 2 interfaces
first interface with public ip and second one with internal private lan

the public ip 41.x.x.x
the private lan ip 192.168.0.10

inside the private lan machine with ip 192.168.0.20 and running ssh service and we want to connect to this machine
its impossible to connect to it from outside without tunnelling

lets do some tunnel magic

from our box to the remote box we will do ssh
OURBOX ==SSH==> 41.x.x.x
inside the remote box we will tunnel back to our machine

this will open port 1337 in the OURBOX this port redirect to 192.168.0.20 machine in port 22

REMOTEBOX ==SSH+LOCAL FORWARD==>OURBOX

this ssh connection will lead u to the 192.168.0.20:22

sometimes you may need to skip ssh host verification as you connect to your local machine via this ssh option parameters UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no

also this method could be use to bind to your internal ip to send ssh server back to better administration with vim also it possible to forward X via this tunnelling method

 

example scenario

our client don’t have public ip and writing commands in teamviewer is very silly thing

so we ask our client to connect back to our machine

after client log in inside our machine we can connect to our client ssh via

 

Happy Tunnelling