ssh reverse proxy to enable remote access behind a LAN and firewall

So say you are behind a typical NAT/LAN setup whether at home, work or while travelling.  What if you have a computer or server that you need to connect to from the outside?

Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature.

Requirements

On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be sure to restart sshd after making the change)

Your sshd_config needs this:

GatewayPorts yes
 

On the client / machine that is behind the firewall run the SSH command

ssh -R 33000:localhost:3389 username@remoteip

33000 means when we connect to remoteip:33000 we will be connected to port 3389 o the localhost.

Now we can change the localhost to another IP on our LAN if we wanted to.

Now if we connected to remote ip's 3389 we could connect to RDP even though the machine is firewall'd (this works even if all ports are closed and nothing is forwarded to your machine since the ssh -R reverse proxy command is what handles our inbound connections through the remoteip).


Tags:

ssh, proxy, enable, lan, firewallso, nat, travelling, server, vpn, tunneling, feature, requirements, gatewayports, enabled, sshd_config, restart, sshd, firewall, localhost, username, remoteip, ip, rdp, ports, forwarded, handles, inbound, connections,

Latest Articles

  • EFI PXE grub2 Howto guide for Linux EFI PXE Booting on Debian, Mint, Ubuntu, RHEL
  • Aruba/HP/Dell IAP Wireless Controller Common Default Passwords
  • Debian, Mint Ubuntu how to remove package and associated config files
  • Linux Grub not booting the intended kernel solution in Debian, Mint, Ubuntu how to specify which kernel to boot by default
  • QEMU KVM Keyboard Problems Not Working Right Repeating Characters, Ctrl+C Copy and Paste not working right when using PS2 mouse in guests Solution
  • Linux how to compile binary with static sharedobjects embedded instead of dynamic to use on multi-distributions and avoid glibc compatiblity issues
  • /bin/sh: msgfmt: not found error solution on Linux Compilation Ubuntu Debian Mint Centos
  • Mikrotik RouterOS CHR/ISO Basic and Quick Setup Howto Guide
  • qemu 4 compilation options
  • CentOS 7 8 PXEBoot Netinstall Not Working Solution "Pane is dead "new value non-exisetnt xfs filesystem is not valid as a default fs type"
  • CentOS 6 EOL yum repo won't work Error: Cannot find a valid baseurl for repo: base Solution
  • CentOS 7 8 How To Disable SELinux
  • Wordpress How To Add Featured Image To Post in Hueman Theme
  • kdenlive full reset how to erase all config files
  • CentOS 7 8 yum error Trying other mirror. To address this issue please refer to the below wiki article
  • Microsoft Teams Linux - Calendar Doesn't Work Missed Meetings!
  • Scanner not working in Linux Ubuntu Fedora Mint Debian over the network? Use sane-airscan!
  • How To Boot, Install and Run Windows 2000 on QEMU-KVM
  • bash cannot execute permission denied
  • Huion and Wacom Tablets How To Install in Linux Mint / Ubuntu and make the stylus work properly