SSH Tunnelling

Captions
I'm going to show you how to set up an SSH tunnel, which lets you pass traffic from one host to another through an SSH session. So you start an SSH session between two hosts, and then you can send other traffic down there that's not SSH, but you don't have to open up any extra ports; it just goes through the SSH session they've got established.

Okay, so to show that, I'll use a few little props here. I've got the corporate network over here, which is the corporate laptop, Linux boxes on the corporate network, and a firewall which then goes out to the world, which is the cloud, so there's the internet there. On the other side of that we've got a home network, so we've got some home computers on our network behind the little router firewalls you've probably got at home. Now, this assumes you've got SSH port forwarding on your home router here, so that's fine, that's all set up.

Okay, so starting with the corporate laptop here, which is the MacBook. What I will do, if I just SSH to the home machine as normal, I just go SSH 1.68; that would be your internet address if it was in the real world, but I've just got two different subnets here for demonstration. So now I've SSH'd into the home Linux box, but there's nothing special; that's just an SSH session. But if we get out of that, and I do that again, but this time tell it to listen locally on this laptop on port, let's say, 3128, because what I've got over here in my home network, this isn't the SSH server as it is, I'm connecting to this SSH server. However, over here on my home network I've got a proxy server, a web proxy server. So what I want to do is get that laptop to use that proxy server, and the reason why: because you've got internet sites blocked at work or something, and you just want to use your own.

So what I'm telling it here to do now is listen locally on this laptop on port 3128, and when traffic comes in, send it to 192.168.1.63, which is this machine over here, my proxy server at home, and we'll send it there on port 3128. Okay, so it looks the same, like we've just got an SSH session to the machine here, but the difference is now this laptop is listening on port 3128 and it will send it to your own proxy server. I'll check that out on the local laptop here: just change the browser settings and set it from no proxy, we'll make a proxy, and we're listening on localhost, which is itself, on that port 3128, which is the proxy port. So now if I do something, what's actually happening there is it's using the proxy at home, and if it's your own proxy you're not going to block anything, so you can do what you want. So that's a simple example of how to use SSH tunneling.

You can also do reverse tunneling. Now, in the last example we were listening on this host, so we were listening on the laptop here locally and sending it somewhere else once it got to the other end. But what we're going to do now is, from this box here, which is on the corporate network, we're going to start an SSH session to your home network, but instead of listening here for other connections, we're going to listen on this one and send them back through to the corporate network. Now, on the corporate network I've got a web server here, just to have something on the corporate network.

So what I'll do is I'll just exit and go back to the laptop, and I'll show you the addressing scheme I was using on the corporate network. I was using 192.168.20 for the corporate network, just to show it's on a different network. Now that I've killed that connection, if I went to Google now you'll see an error, because it's not listening anymore, so the laptop's not listening anymore. So I'll just reset that back to no proxy settings. Okay, and now we'll just go locally without any proxy, so that's back to normal. Now, on this corporate network, the web server here, 192.168.20.2. Okay, there's my corporate website on that server. To get to that from home, I mean, there's firewalls and everything; let's just say that's something on the intranet or some other service, you know, it's blocked by the firewall to the world, you can't get to it.

So what we'll do first: I'm going to connect to this Raspberry Pi, just locally. Okay, so I'm going to change up one just to get me on there. Okay, so now I'm on this Raspberry Pi, nothing special. I'm going to start a screen, just to keep it running, so when I disconnect it'll still be on there. So now what I want to do is connect to the home SSH server, so I'll do that again with your external IP address, that would be, in the real world, but this time we're going to do capital R, so set it up from the remote end, and we're going to access this web server. But I'm going to make it listen on port 1234, because they have to be above 1024 unless you're running this as root, which I am, but you wouldn't know. Okay, now I'm going to tell it to send that to 192.168.20.2 on port 80. Now, that's the web server here, 192.168.20.2, and port 80 for the web. So when I do that, I'm now connected home, but it's now listening for connections.

There is some extra bit you have to do, though, because normally that would only bind to the loopback internally. If you're somewhere else on your network and you want to connect to it, you have to just change a bit of the SSH config, so at the bottom of the SSH config just put GatewayPorts yes. Okay, that will allow it to listen to other hosts. So that's just in the SSH config; make sure you've restarted the SSH server, but I've done that, so good to run. So that home system is now listening locally on port 1234. Okay, so I'm going to disconnect this; I'll just get out of that screen.

Okay, now back at the laptop, just to show you the network I'm on here: on this laptop I'm using 192.168.20, that's the internet connection. I'm going to disconnect that down and enter power. Now I'm going to come over to the home network, and how I'm going to do that is I'm just going to use the wireless connection, because the wireless is on my home network. So now I'm on the home network, and I have an IP address of 192.168.0.0 in to send to the web server so I can find out now by going to we're out just doing 192.168.1.2 a, which is this machine, port 1234, and then from the home network we're accessing a corporate website which is only internal on their network.

So that's how SSH tunneling can let you do some pretty tricky things, and you can add more tunnels too: you can just do more -L and addresses on the left, and you can set up a few tunnels for whatever you need, and it comes in very handy.
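
An added example, not part of the video or its captions: a small Python audit helper that reads ssh client command lines (for instance from a process listing) and reports any -L/-R forwards like the two described above, plus where sshd would bind a remote forward under each GatewayPorts setting. The sample command lines and the `user@home.example` host are constructed, and the addresses are a reading of the garbled captions.

```python
import shlex

LOOPBACK = {None, "localhost", "127.0.0.1", "::1"}

def parse_forward(spec):
    """Split '[bind:]port:host:hostport' (hostname/IPv4 form only)."""
    parts = spec.split(":")
    if len(parts) == 3:
        parts = [None] + parts
    if len(parts) != 4:
        raise ValueError(f"unsupported forward spec: {spec!r}")
    bind, port, host, hostport = parts
    return bind, int(port), host, int(hostport)

def find_forwards(cmdline):
    """List -L/-R forwards ('-L spec' or '-Lspec') in one ssh command line."""
    argv = shlex.split(cmdline)
    if not argv or argv[0].rsplit("/", 1)[-1] != "ssh":
        return []
    found = []
    for i, arg in enumerate(argv):
        if arg[:2] not in ("-L", "-R"):
            continue
        spec = arg[2:] or (argv[i + 1] if i + 1 < len(argv) else "")
        try:
            bind, port, host, hostport = parse_forward(spec)
        except ValueError:
            continue  # socket paths, bracketed IPv6, malformed specs
        remote = arg[1] == "R"
        found.append({"kind": "remote" if remote else "local",
                      "listens_on": "server" if remote else "client",
                      "bind": bind, "port": port, "target": f"{host}:{hostport}"})
    return found

def remote_listener_scope(forward, gateway_ports="no"):
    """Where sshd binds a remote forward for a given GatewayPorts value."""
    if gateway_ports == "yes":
        return "all-interfaces"
    if gateway_ports == "clientspecified" and forward["bind"] not in LOOPBACK:
        return "all-interfaces" if forward["bind"] in ("", "*") else forward["bind"]
    return "loopback"

# Constructed sample lines modelled on the two tunnels in the captions.
SAMPLES = ["ssh -L 3128:192.168.1.63:3128 user@home.example",
           "ssh -R 1234:192.168.20.2:80 user@home.example",
           "ssh user@home.example"]

if __name__ == "__main__":
    print([f for line in SAMPLES for f in find_forwards(line)])
```

With the default `GatewayPorts no`, the remote forward is reachable only from the SSH server itself, which is why the captions mention changing the server config before other hosts on the network can connect.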
Info
Channel: Tall Paul Tech
Views: 14,314
Rating: 4.9696202 out of 5
Keywords: SSH, SSH Tunnelling, SSH Tunnel, SSH Reverse Tunnel, Proxy Server, Linux SSH
Id: bKZb75TaRyI
Length: 8min 9sec (489 seconds)
Published: Wed May 24 2017