SSH Remote Port Forwarding is a method of securely accessing a computer over a network by redirecting traffic from one port to another. It is a type of tunneling that allows users to securely access resources located on a remote machine, such as a web server or database server, from a local machine.
In this method, the remote machine is the host (the SSH server), and the local machine is the client. The host machine listens for incoming connections on a specific port, and traffic arriving on that port is carried through the SSH tunnel to a port on the client side, allowing the user to access those resources securely.
Here is the testbed for our demonstration: two VMs with an SSH connection between them; no other ports are allowed between these two hosts. The Oracle VM runs the nginx service on non-standard port 3000. The AWS VM listens on port 8080. For our test, the AWS VM requests localhost:8080, and this request is redirected over the SSH tunnel to port 3000 on the Oracle VM, which in turn returns the Oracle Linux Nginx splash page.
To set up remote port forwarding in Linux 8, you can use the ssh command line utility. Here are the steps:
Open a terminal window.
Connect to the remote host using ssh, specifying the remote port forwarding option and the target port. For example:
ssh -R 8080:127.0.0.1:3000 user@remote-host
In this example, port 8080 on the remote host is forwarded to port 3000 on the local machine (the one running the ssh command).
Enter the password for the remote user when prompted, or supply an SSH key by adding the -i flag.
Once connected, you can test the remote port forwarding by accessing the forwarded port on the remote host. For example, if you are forwarding port 8080, you can open a web browser on the remote host and access http://127.0.0.1:8080 to see if the port forwarding is working.
Note: This example assumes that the remote host is configured to allow remote port forwarding. You may need to check the remote host's firewall settings or ssh configuration to ensure that remote port forwarding is allowed. Change the GatewayPorts setting to yes.
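One way to run the configuration check the note above calls for, as an added example that is not part of the original article: the function reads the server's effective settings in the lowercase "keyword value" format printed by sshd -T and reports how ssh -R requests will be handled. The function name and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify how an sshd will treat `ssh -R` requests.
# Input format is that of `sshd -T`: one lowercase "keyword value" per line.

classify_remote_forwarding() {
    # stdin : sshd -T style lines
    # stdout: blocked | loopback | client-chosen | exposed
    awk '
        $1 == "disableforwarding"  { disable = $2 }
        $1 == "allowtcpforwarding" { allow = $2 }
        $1 == "gatewayports"       { gw = $2 }
        END {
            # OpenSSH defaults apply when a keyword is absent from the input
            if (disable == "") disable = "no"
            if (allow == "")   allow = "yes"
            if (gw == "")      gw = "no"
            # DisableForwarding overrides everything; "no" and "local"
            # both refuse remote (-R) forwarding
            if (disable == "yes" || allow == "no" || allow == "local") {
                print "blocked"; exit
            }
            # GatewayPorts decides which address the forwarded port binds to
            if (gw == "yes")             { print "exposed"; exit }       # all interfaces
            if (gw == "clientspecified") { print "client-chosen"; exit } # bind address from -R
            print "loopback"                                             # 127.0.0.1 only
        }'
}

# Constructed samples, not captured from the testbed in this article.
SAMPLE_DEFAULT='allowtcpforwarding yes
gatewayports no
disableforwarding no'
SAMPLE_GATEWAY='allowtcpforwarding yes
gatewayports yes'
SAMPLE_LOCKED='allowtcpforwarding local
gatewayports yes'

for sample in "$SAMPLE_DEFAULT" "$SAMPLE_GATEWAY" "$SAMPLE_LOCKED"; do
    printf '%s\n' "$sample" | classify_remote_forwarding
done

# On a live host (as root): sshd -T | classify_remote_forwarding
```

A result of exposed means the forwarded port listens on all interfaces of the SSH server, so port 8080 would be reachable from other hosts and not only from localhost as in the test above. sshd -T reports global settings unless Match criteria are supplied with -C.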
- Regular SSH transaction without remote port forwarding shown below
At first a 3-way TCP handshake happens, then the server and client exchange keys. From here onwards, data is exchanged as keystrokes are sent and the output is presented on screen. Finally, the TCP session is closed by setting the "FIN" flag.
- SSH transaction with remote port forwarding shown below -
a. Capture at AWS VM - loopback interface
https://127.0.0.1:8080
redirects to Oracle VM port 3000 over SSH with remote port forwarding enabled on Oracle VM side.
b. Capture at Oracle VM - physical interface - At first a 3-way TCP handshake happens, then the server and client exchange keys. From here onwards, data is exchanged as keystrokes are sent and the output is presented on screen. Finally, the TCP session is closed by setting the "FIN" flag.