SSH Tunneling / Port Forwarding / Pivoting /Socks proxy and some SSH Control Sequences

Remote (-R option)

First step to understand anything is to see help/manual of it and try to understand.

man ssh

Case 1:(ssh client is on same machine)

Let’s assume we don’t have public IP(most ISPs don’t provide for free) and we want to expose a http web application service running on a device(192.0.0.8) on port 80 in our local network to outside world via our cloud machine(139.59.91.150) on port 8000. SSH server is running on cloud machine(139.59.91.150).

ssh -R 8000:127.0.0.1:80 root@139.59.91.150
echo y | .\plink_x64.exe -pw toor root@10.10.14.8 -P 2222 -R 3306:127.0.0.1:3306
vim /etc/ssh/sshd_config
PermitRootLogin yes
systemctl restart ssh
ssh -R 0.0.0.0:8000:127.0.0.1:80 root@139.59.91.150
ssh -R 0.0.0.0:8000:192.0.0.3:80 root@139.59.91.150ORssh -R 8000:192.0.0.3:80 root@139.59.91.150

Local (-L option)

First step to understand anything is to see help/manual of it and try to understand.

man ssh
ssh -L 8000:127.0.0.1:80 root@117.222.234.72
ssh -L 8000:192.0.0.3:80 root@117.222.234.72

Dynamic (-D option)

This option is used for using ssh client as SOCKS proxy server. Fortunately i was able to understand help for this option

man ssh
ssh -D 0.0.0.0:3128 root@139.59.91.150
ssh -f -N -R 1080 -o "UserKnownHostsFile=/dev/null" -o "StrictHostKeyChecking=no" root@<IP>
ssh -f -N -R 1080 -o "UserKnownHostsFile=/dev/null" -o "StrictHostKeyChecking=no" -i /var/lib/mysql/.ssh/id_rsa root@192.168.119.156
sshpass -p <password> ssh -o StrictHostKeyChecking=no <options> <username>@<domain_name/IP_address>

SSH Control Sequences-

I bet you must have faced issue when ssh stops responding and connection dies and you need to close teriminal to again need to connect ssh. Well let’s see what ssh control sequences offer us-

man ssh
<Enter> + ~^Z
<Enter>
~.
~<CTRL>Z
~?
~C

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
n00🔑

n00🔑

135 Followers

Tries to understand computers. I know little bit of most things. Definitely not an expert. Usually plays HTB (ID-23862). https://www.linkedin.com/in/pswalia2u/