SSH Tunneling - Local & Remote Port Forwarding (by Example)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

SSH tunneling is a technique that allows you to access remote resources that are usually you don't have access to because it is internal to that network or allow others public to access your internal resources such as a web server that they usually don't have access to this is done through what is called TCP tunneling or the technology of tunneling and in general I'm gonna refer the video that I did theoretically talking about channeling this will be very specific to SSH tunneling because the technology of tunneling is is just it's there right SSH tunneling is just an implementation of it I'm gonna show some examples here in this video so if you're interested stay tuned so here's what we're gonna discuss and we're gonna do here to do this is installing you need a publicly accessible SSH server and because I don't have one I am gonna build one from scratch and I'm gonna use my own Raspberry Pi SSH server to be a publicly accessible SSH server temporarily and I'm gonna disable that after the video to do that I am going to use some port forwarding to allow port 22 which is the SSH port on my router to be routed to my PI that's the only rule that I'm gonna add initially and then I am going to create a temporary no IP nice name then that points to my IP address so I don't have to use my public IP address every time because it's very long we're gonna discuss two methods or physician telling local port forwarding and remote port forwarding we're gonna do it I'll show it that commands and how to do that so local port forwarding allows you to access remote content remote resource that usually you don't have access to right for example if you have like a remote database or an RDP server and there's a firewall that blocks 4 to 5 4 3 2 or 4 postcards and there's a firewall that blocks or to whatever this road EP port is right you don't the firewall allows port 22 for example right so you're gonna tunnel through that port 2 and smuggle content that you want to access internal network on the other side so that's local port forwarding and in scope local perform because you create a local server and you listen on your machine for local port and you access that port and acts like almost like a proxy okay it start tunneling does the magic tunneling stuff that we talked about another video remote port forwarding is more challenging to understand and it's a little bit confusing to be honest so remote port forwarding is if you want other people to have access to your local resources so this is kind of flipped right so let's say you have a web server on your machine and you want to send the URL for someone to actually test your application how do you do that you do the reverse you still use this public SSH server as a centralized location and you ask that public server to actually listen to a port and that any traffic that goes to that port goes to you will be forward to tu essentially right I don't get to show an example here so let's show an example of how to do local port forwarding let's say this is the internal resource that you need access to right this is this box is this internal network ok and for some reason this is a server is also in the same network as this so let's say this is your publicly accessible SSH server of work right and you have this public IP address and it's listening on port 22 so you can actually connect to it and tell us into it and do all that stuff and this is the internal IP headers of that same machine ok and this is the other machine that this guy has access to right 191 6 8 103 and port 8080 so this is the resource that you want to connect you ok obviously this guy is 1000 4 so it's a completely different F work and it's impossible to act this right so what do you do what we do is we create a tunnel between this machine and this machine because for for 1 1 2 2 3 is a public IP address and this is a public open port 22 which is the SSH port we're gonna SSH into this machine right and in order to do that just establishing the SSH connection is not enough we need to smuggle content and the act of smuggling content needs to be crafted very well this client is dumb just a mere SSH client is not sufficient to do the smuggling so what we do is SSH - L that means create a local port and this is the local port so 8 8 8 is my local port so this is one machine what will happen is the SSH server will start listening on port 888 8 on your local machine ok and what we will do is says ok listen on port 80 edit it and any traffic that goes to 888 a from me please forward it to this one nine two one six eight dot 103 on this port ok that's the trick here and this is my public SSH server so what the client does if you execute this command on this machine what will happen is it will establish a TCP connection with the SSH server to this machine which can because it's open right and then if you visit localhost or 1000 for on port 8080 8 8 this will make a request to this little puppy right this is like a mini server here and that will smuggle the content into a TCP packet into through the tunnel through this - - - and then when the public SSH server receives that it says oh this guy want to go to one nine two one six seven one three which I have access to it will also forward that request internally because it can to this guy all right and also I shouldn't really just make that request get the response and then do the same thing again and tunnel back the results to this I'm gonna show an example in a minute and how to do local port forwarding and another thing I want to say is you don't have to be an internal resource let's say you want to hide your identity this is very similar to a VPN right and where this is your VPN server if you think about right if you want this guy to make a request on your behalf you say this website is forbidden right from this network like let's say your ISP is blocking any access to certain domain that you shouldn't be accessing well you can tunnel through the secure as a search and then make this guy make that request on your behalf to visit that website that you're not supposed to visit that that works perfectly fine and your ISP the only thing they will see is that all you're going through that so that's X very very similar to VPN how about we actually do a local port forwarding guys our guys here I am here on my router and this is my public IP address now and so far I created a rule that forwards all the traffic on port 22 on my public IP address to my Raspberry Pi 2 which is my SSH server in this case right so now my public IP address is has an open port of Port 22 and then I went to know I Peter calm I actually created an entry ssh server dns comm that points to my public IP address so that's all what i did so now if i ssh into this i can publicly SSH anybody that I give you if I give you this URL right now you can SSH into the server and it will go to my machine right so think of it as like a public SSH server here's how we test it SSH and then you specify the username by my - the name is PI and then act as a server the DNS king.com alright and this is how we SSH into the publicly available port but that's not enough sorry and you can specify the password of the poi and there you again I am in my Raspberry Pi right into it publicly right that's the first step so now what we want to do is on my Raspberry Pi there is a server running on port 80 all right and since this is only accessible on my PI I want this port 80 to be accessible on my own machine so how do I do that okay I'm gonna do SSH that local port on port let's get out I'm gonna listen on port 80 8 8 8 locally on my Hossein Mac my macbook and then I want to access the content that is supposed to be internal which is called Raspberry Pi 2 right on port 80 and this is again this is what I want opposed to access this is the port that we're gonna listen to locally this is the resource I want to access internally right that's as we explained right and the final thing the final space is essentially PI at just a public SSH server so PI add protocol SSH server ddns king.com ok then if you do that and for the password and just like that it's now working how do we test it well let's test it out to test it since it's a web server if I do a local host port 8 8 8 8 right and hit enter localhost is my machine that I run the SSH command on right if I do that this is the website that I'm not supposed to access right and technically I am on the same Wi-Fi so it doesn't really matter so if I do Raspberry Pi 2 which is the actual server this is the actual server and I am actually access it but if I am even if I am in a different network I will be able to access that just by hitting my local host on port 8080 so just this is how we were able to access a local resource is remote okay by doing local port forwarding how about we do the opposite reverse all right guys for remote port forwarding or reverse port forwarding the idea is exactly flipped what we need to do is this is the internal resource that I want people outside my network to have access to alright so in my case 1000 3 for example on port 8080 is my web server and I split these two just on purpose to show you the exact example here okay these could be the same machine for all I care ok and this is another machine that is in the same network that have the ssh client right this is my public ssh server and what i want to do is all right so to execute this command you do an ssh the client is a search on this machine for example right dash R which means reverse or remote and you want this is to be the remote port right so the public server in this case that you're accessing will listen on port 8080 in this case and you need to enable some sort certain configuration a gateway I think it's called gateway port equal yes in order to make this happen because this is a little bit of dangerous right you're listening to an external port right so this will be the first step you're listening to the port and the next part is you want anything that goes to this port to be forwarded to this local resource that you have here 1000 3 8 8 which is this guy you can as easily chase say localhost and it will access this guy right but you can technically access any resource within this that's the idea so local resource and then local port right so I'm gonna access this guy in this case and the final part is the public SSH server all the time the public SSH server is the final piece right so what this will do is first of all you can establish the TCP connection between the SSH server and yourself and I do this arrow because this is where do you run the command that's the only difference so you have a cessation server you have the tunnel you have the TC beat SSH connection right and what will happen the first thing that will happen is the server will listen to port it it it in and if there is a TCP request on this public IP on this port the SSH server will take that packet encapsulate it into a legitimate SSH request send it over because it's encrypted nobody here can see what you're sending receive it and then you as an SSH client you have the ability to know oh by the way this is an as it's a tunnel so you will make the request on your behalf on this behalf and then access the resource internal resource and then send back the results and so on right so yeah so you'll eventually access this resource and return the response and the return to the all the way to the server so you will be at that external client will be act able to access your internal web server through this but we gotta pay the price of opening this port so how about we actually do a remote or a reverse port forwarding guys let's do that the first step is to go to a firewall so I'm gonna open port 888 on this external route to go to my Raspberry Pi 2 which is my external traffic right and I want anything that goes to this public IP address to go directly to the Raspberry Pi because this is my router right so this is just an open port so let's go ahead and open that thing this is very critical step and now the next thing is how about we execute the command because this is my local server by the way guys my local server is localhost 8080 right this is my internal code and this is a Ginny strawberry farm ok this is that same thing guys running on my remote my local machine and I want to expose it to someone external for how do we do that we're gonna find out very soon let's exit this and how about we do the opposite now SSH - our I want the remote server to be 8 8 8 8 on the public SSH server and I want to access the machine local laws which happens to be my machine right on port 888 888 e sorry and then finally the space will be by at what we call it ssh server the ddns king.com and that's it just like that and just like that we now that public ssh server which is the raspberry pi 2 by the way is now listening on port 8080 and will any public request even from my phone we're gonna show that 4G well access will tunnel that thing to access my internal loop server how about we actually test that thing huh this is my local host 8080 that's cheating but now we're gonna go to literally ssh server dot d dns candy dns kink.com on port 80 8 8 8 right because nothing is running on 8080 port 80 in here it's 888 and that will take us to beautiful Jenny strawberry forum and I am going to show you how the same thing actually work on my phone so you should see in a screenshot right now from my phone as well accessing the same thing if I give you this URL it will absolutely work but I'm gonna shut it down after I end this video alright guys so that was a quick two commands show you how to do local port forwarding vs. reverse port forwarding alright guys that's it for me I'll print out this video see you in the next one you guys stay awesome

Info

Channel: Hussein Nasser

Views: 90,318

Rating: 4.8863273 out of 5

Keywords: ssh tunneling, ssh local port forwarding, ssh port forwarding

Id: N8f5zv9UUMI

Channel Id: undefined

Length: 17min 42sec (1062 seconds)

Published: Mon Apr 27 2020