SshTunneling
SSH Port Forwarding Configuration
Most of the test systems are not exposed to the public interent directly and reside in a private network space. So one can't directly connect to these systems using a public hostname or IP address. One of the way to connect with such systems is using SSH Port Forwarding (a.k.a. SSH tunneling). In this technique a port on the local system is 'SSH tunneled' to a port on the remote system behind firewall using a public facing SSH server. Following is an example on how to connect to a test system behind firewall using Cheaha as an SSH server.
- First set up an SSH-tunnel using ssh command as shown below.
# General syntax $ ssh -L <local-port>:<remote-system-IP-or-Hostname>:<remote-system-port> blazerid@cheaha.uabgrid.uab.edu
- Now you can connect to the <remote-system-IP-or-Hostname> using your local system's port number. For example, if you want to ssh to <remote-system-IP-or-Hostname> then type following ssh command.
$ ssh blazerid@localhost -p <local-port>
Another way to set this up is using ssh configuration file rather than specifying these option on command-line. Following example shows '.ssh/config' file example where Cheaha head node is used as SSH server gateway and <remote-system-IP-or-Hostname> is a system behind firewall.
# 'rnet' gateway - happens to be cheaha head node
Host rnet
User pavgi
hostname cheaha.uabgrid.uab.edu
# Port forwarding <remote-system-IP-or-Hostname>
LocalForward localhost:<local-port> <remote-system-IP-or-Hostname>:22
Host <remote-system-Hostname>
User pavgi
hostname localhost
Port <local-port>
Now you need to connect with the 'rnet' gateway first and then connect to the <remote-system-IP-or-Hostname> system.
- Connect to Cheaha to setup SSH tunneling
$ ssh blazerid@rnet
- Connect to the <remote-system-IP-or-Hostname>
$ ssh blazerid@<remote-system-Hostname>
