SshTunneling

From Cheaha
Revision as of 21:41, 11 January 2012 by Pavgi@uab.edu (talk | contribs) (ssh port forwarding notes for 'nix system users)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.


Attention: Research Computing Documentation has Moved
https://docs.rc.uab.edu/


Please use the new documentation url https://docs.rc.uab.edu/ for all Research Computing documentation needs.


As a result of this move, we have deprecated use of this wiki for documentation. We are providing read-only access to the content to facilitate migration of bookmarks and to serve as an historical record. All content updates should be made at the new documentation site. The original wiki will not receive further updates.

Thank you,

The Research Computing Team

SSH Port Forwarding Configuration

Most of the test systems are not exposed to the public interent directly and reside in a private network space. So one can't directly connect to these systems using a public hostname or IP address. One of the way to connect with such systems is using SSH Port Forwarding (a.k.a. SSH tunneling). In this technique a port on the local system is 'SSH tunneled' to a port on the remote system behind firewall using a public facing SSH server. Following is an example on how to connect to a test system behind firewall using Cheaha as an SSH server.

  • First set up an SSH-tunnel using ssh command as shown below.
 # General syntax 
 $ ssh -L <local-port>:<remote-system-IP-or-Hostname>:<remote-system-port> blazerid@cheaha.uabgrid.uab.edu 
  • Now you can connect to the <remote-system-IP-or-Hostname> using your local system's port number. For example, if you want to ssh to <remote-system-IP-or-Hostname> then type following ssh command.
 $ ssh blazerid@localhost -p <local-port>

Another way to set this up is using ssh configuration file rather than specifying these option on command-line. Following example shows '.ssh/config' file example where Cheaha head node is used as SSH server gateway and <remote-system-IP-or-Hostname> is a system behind firewall.

 # 'rnet' gateway - happens to be cheaha head node
 Host rnet
     User pavgi
     hostname cheaha.uabgrid.uab.edu
     # Port forwarding <remote-system-IP-or-Hostname>
     LocalForward localhost:<local-port> <remote-system-IP-or-Hostname>:22
 
 Host <remote-system-Hostname>
     User pavgi
     hostname localhost
     Port <local-port>

Now you need to connect with the 'rnet' gateway first and then connect to the <remote-system-IP-or-Hostname> system.

  • Connect to Cheaha to setup SSH tunneling
 $ ssh blazerid@rnet 
  • Connect to the <remote-system-IP-or-Hostname>
 $ ssh blazerid@<remote-system-Hostname>