Hey there!
How are you guys doing? Hope everyone is doing good; I'm doing great, btw. So today I wanna talk about something that I have been using a lot lately for work and personal use: SSH tunneling. It's a huge topic, and I have been using it ever since I learned about SSH in college. So what is this?
Info, Scenario and usage
You guys might have heard about VPNs; nowadays they're everywhere. This is basically that, except that it's done via SSH. SSH, known as Secure Shell, is a remote login feature running on a specified port. What I mean by that is: suppose you have a computer in your home and you want to log in to that computer from your office or any place other than your home, then you go for SSH. Often “linux gurus” go for this, since it only provides terminal access.
Furthermore, in the old days this was used to play games with friends. (It could be done in a variety of different ways; first you create a server on your end.) Then, through an SSH tunnel, your friend connects to your computer via SSH credentials (assuming you know port forwarding). After this setup process, your friend will be treated as if he is in your local network, in which case you both can play games with no issues. (This method assumes the following: you know how to host a game server, including the port settings; you know how to allow a connection through your firewall to your system; on the client end, your friend knows about SSH tunneling; and, more importantly, you are willing to expose the resource for the game server to another person, since he is in your network.)
This could work in a different way too. If you, your friend, or a group of friends have a server, you don't have to expose your own computer network, set up port forwarding, etc. In simple terms: connect to the server first with the port that the game server is running on and the port on which the server should listen, and that's it. Any connection made to the server on that particular port will be redirected to your computer through the SSH tunnel. If you understand what I just said, this is mind-blowing; many things could be achieved by this, and this is speaking at the beginner level, and just for running games.
Imagine what this could do for developers; this is heaven for an easier workflow. But most often this is only used as an option to bypass a firewall, for devops purposes of course, -_-”.
Noob usage.
I’m gonna briefly go over SSH being used as a VPN! You heard right, a VPN, as I mentioned earlier. Setting up a VPN on your server could take multiple steps involving a huge amount of time, but SSH is enabled by default; all that is needed is a few lines of configuration.
For most cases the configuration needed is of the type below.
Note:
- If you are on Windows, make sure you have enabled SSH from Optional Features; this is mandatory if you want to use the built-in SSH client on Windows. You could also install third-party software if you want.
- If you are running a custom server box like me (I have a CentOS box running), you would have to configure it by editing the sshd_config file at ‘/etc/ssh/sshd_config’.
- After making changes, make sure you have restarted the sshd service.
For the most part you would only have to set the important ones, marked with *:
*AllowAgentForwarding yes
*AllowTcpForwarding all
*GatewayPorts yes
AllowStreamLocalForwarding all
Pop open a terminal, then do the following.
ssh -D localport -f -C -q -N server_address
For example:
ssh -D 7890 -f -C -q -N jess-user@jupiter-server01-dynamip-massoc-address.com
By using the above config you will now have set up a service listening on port 7890; just make sure to use that specific port to connect to the internet (route all traffic through the port).
What I mean by that is: go to the proxy settings on your system/browser/etc., and set ‘127.0.0.1’ as the hostname and ‘7890’ as the port. You have done SSH tunneling, that's it. Just like a VPN.
Note: Any request made to that port will be treated like you are doing from the server box sitting somewhere else. (I’m saying ANY request for a reason*).
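As an added example (not part of the original post): a small script that reads an sshd_config and reports the effective global value of the four forwarding settings listed above, flagging anything broader than the `ssh -D` proxy needs, which is only local TCP forwarding. The function names and the sample config are constructed for illustration; Include files and Match blocks are not evaluated.

```shell
#!/bin/sh
# Added example (not from the original post). Assumptions: Include files are
# not followed, and Match blocks are ignored (parsing stops at the first one).

audit_forwarding() {   # reads sshd_config text from a file argument or stdin
    awk '
    BEGIN {   # keywords to report, with the OpenSSH default for each
        n = split("allowagentforwarding allowtcpforwarding gatewayports allowstreamlocalforwarding", order, " ")
        split("yes yes no yes", dflt, " ")
        for (i = 1; i <= n; i++) val[order[i]] = dflt[i]
    }
    { sub(/=/, " ") }                        # "Keyword=value" is also valid
    /^[ \t]*#/ || NF == 0 { next }           # skip comments and blank lines
    tolower($1) == "match" { exit }          # global section ends here
    {
        key = tolower($1)                    # keywords are case-insensitive
        if ((key in val) && !(key in seen)) {   # sshd keeps the first value
            val[key] = tolower($2); seen[key] = 1
        }
    }
    END {
        for (i = 1; i <= n; i++) {
            k = order[i]; v = val[k]
            if (k == "allowtcpforwarding")   # ssh -D needs local forwarding
                verdict = (v == "local") ? "ok" : ((v == "yes" || v == "all") ? "wider-than-needed" : "blocks-socks")
            else                             # the other three are not used by ssh -D
                verdict = (v == "no") ? "ok" : "wider-than-needed"
            print k, v, verdict
        }
    }' "$@"
}

sample_config() {   # constructed sample using the values shown on this page
    cat <<'EOF'
# constructed sshd_config fragment
AllowAgentForwarding yes
allowtcpforwarding all
GatewayPorts yes
GatewayPorts no
AllowStreamLocalForwarding all
Match User guest
    AllowTcpForwarding no
EOF
}

sample_config | audit_forwarding
```

On a live server, `sshd -T` prints the effective configuration and is the authoritative check.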
<3. I'm gonna stop here; this is just scratching the surface and there is a lot more, maybe other things at a different time.