SSH Tunneling Explained

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] all right tinker nerds the new year's here and the holidays are over I hope you got everything you wished for and I hope what you wish for was more tink enough videos because if so my dear sweet viewer consider your wish grant so last year a couple weeks ago we talked about SSH the command line junkies favorite remoting tool I had mentioned in that video that there's a lot of cool things that you can do with this Sh so in this video we're gonna explore one of them tunneling not the tunneling Elon Musk's boring company does SSH tunneling is a lot nerdier than that so come on Tinka dude teach me how the tunnel teach me teach me how that tunnel to understand tunneling you need to know how networking ports work so let's figure that out first imagine a seaport with a bunch of boats seaports organize their docks using something called birth numbers if a boat wants to dock it as assigned a birth number and that birth number tells it where to go so that it can deliver its packages on a very basic level networking ports are kind of similar depending on the data being delivered networking protocols assigned each shipment a specific port number and that tells the data where to be delivered some common port numbers you may recognize are port 84 HTTP or web traffic and port 22 for SSH traffic if you're curious here's a nice list of more common networking ports what's this got to do with SSH tunneling we've already established that SSH tunneling is a direct secure connection to another computer so that you can control it well tunneling allows you to take that SSH connection and smuggle or forward data from one port to another so to test out these tunneling concepts I'm going to assume that you have an SSH client in one location like work or school or something and then an SSH server in a different location say at home I'm going to be using the Windows 10 command prompt with OpenSSH installed Windows users could use putty which is a really good GUI for SSH commands but to keep things consistent I'm using the command line interface because the commands are the on Windows Mac and Linux the first tunnel we'll try out is called local port forwarding let's say you're at work and you want to remote desktop into your computer at home but your work blocks the remote desktop port 3389 what we can do is use an SSH tunnel to forward the blocked port 3389 to a different port number that isn't blocked so on your work computer open up a terminal and type ssh - capital l for local port the new port that you want to use the name of the computer that you want to remote into and then the remote desktop port that's blocked and then the user name and location of your home ssh server when you hit enter it'll prompt you to log into your remote SSH server once you've done that now if you open up the remote desktop application and type in localhost followed by the port number that you chose it should connect what the computer is doing is taking the data that's sent to the port that we created and forwarding it through our SSH tunnel bypassing the firewall and then when it gets to our computer at home it then uses port 3389 to connect to our remote desktop application finish in the connection from there pretty doggone spectacular right we are just getting started next up dynamic port forwarding this is probably one of the most asked for use cases let's say that you run across a blocked website at work because your work has installed a web filter on port 80 by opening up a terminal and typing SSH - capital d for dynamic entering in a custom port number and then your home SSH server credentials you can create what's called a socks proxy and then to get a web browser like Chrome to use it you need to go into your settings search for proxy land settings check use a proxy server click advanced and then in the Sox option type in localhost and then the custom port number that you chose when you click OK any web address typed into Chrome will be sent to your custom port through the SSH tunnel and then retrieved on your home computer using it to surf the web now we're cooking we could stop there but there's one more cool tunnel that I want to show you you know how earlier we remoted into our home computer by forwarding the remote desktop port well what if we wanted to reverse that process to remote into our computer at work this is what's known as reverse tunneling to accomplish this on your word computer type ssh - capital r for remote port forwarding a random port number the name of the computer that you want to remote into and since it's this computer I'm just going to type localhost then the remote desktop port 3389 and then your ssh server connection information for your server at home when you hit enter it'll establish a connection and then when you get home open up the remote desktop client type in localhost and then the port number you chose and when you hit enter you should magically be connected now if for some reason you get an error that doesn't work you may need to check the ssh configuration settings on your home server go into sshd underscore config and make sure that gateway ports and allow TCP forwarding are both set to yes that's good stuff now as a final tip regarding reverse port forwarding I'll answer the question you're all probably asking if you have a locally hosted website that you've made and you want to access it from the internet without opening up any ports on your router you can do that using reverse SSH tunnel and what's even better is you can use a free service at serbian net to establish a reverse tunnel to your locally hosted web site and make it publicly accessible so basically you're just using a free ssh server that they provided to access your website i think that's a good place to stop so let me know in the comments your favorite SSH tunneling tricks let me know about anything I've missed what you liked and when I got wrong if you have any ideas you can submit or vote for your favorite site tinkernut.com / idea you can click here to watch more videos like this and if you got any value out of my show we'd like to give some value back please feel free to donate at patreon.com slash inc or not alright that's it for this tutorial for more go to youtube.com slash Tinka not
Info
Channel: Tinkernut
Views: 296,272
Rating: 4.9118481 out of 5
Keywords: tips, tricks, tutorial, tinkernut, how to, weekend hacker, gigafide, tinker, port forwarding, ssh, ssh tunneling, tunneling, ssh tunnels, blocked websites, bypass firewall, secure shell, proxy, diy proxy, reverse port forwarding, tcp/ip, networking, network protocols, remote desktop, bypass blocked sites, ssh tutorial, secure shell tutorial, secure shell explained, ssh tunneling mac, ssh tunneling on windows
Id: AtuAdk4MwWw
Channel Id: undefined
Length: 6min 36sec (396 seconds)
Published: Sat Jan 12 2019
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.