a * Lab to make things

User Tools

Site Tools


Reverse SSH Tunneling

This tutorial will present you how to open a remote connection (via SSH) to a network that don't allow it. And more generally to a computer without a public IP address.

You have access to inside, outside and middle but cannot access inside from the outside because of a firewall you don't control. In order to gain such access you need to open a permanent connection from inside to middle. Then make middle forward every connection from outside to inside via the permanent connection previously established.

You need

On inside machine (Unix-like)

  • A regular account (no root needed)
  • A SSH client that can perform a connection with middle (it is installed by default on every linux distributions and on Mac OS X)
  • A SSH server accessible at least locally -from the machine itself or more commonly from the local network (ie. 192.168.0.XXX).
  • Access to crontab

On middle machine (Unix-like)

  • A root/sudo account (in order to modify ssh configuration files)
  • A SSH server accessible from everywhere (ie. with a public IP address)

On any outside machine (Any platform)

  • A regular account with an ssh client (an SSH client for windoze machines)

You do

On middle :

  • In order to make the connection permanent you must prevent any timeout or closing procedures due to inactivity :



and add/modify the following lines :

TCPKeepAlive yes
ClientAliveInterval 30
ClientAliveCountMax 99999
GatewayPorts yes

On inside :

  • In order for inside to be able to log into middle without having to type a password, you need to set up a public key.

create a public key (choose default options):

ssh-keygen -t rsa

copy the public key to middle :

ssh-copy-id <middle-username>@<middle-hostname>
  • In order to make the connection run again in case of loss you need to create a script and add it to your crontabs

create a file launch-reverse-ssh-tunneling.sh and add the following lines to it :

a=(`ps -ef | grep 19999 | grep -v grep`)
if [ ! "$a" ]; then
    ssh -fN -R 19999:localhost:22 <middle-usename>@<middle-hostname>

make the file executable:

chmod +x /path/to/your/script/launch-reverse-ssh-tunneling.sh

edit the Cron tabs :

crontab -e

add the following line :

* * * * * /path/to/your/script/launch-reverse-ssh-tunneling.sh

this will test every minute if the tunnel is alive and re-launch it in case it died

You can

you should now be able to access to inside from outside via a connection to 'middle' :

ssh <inside-username>@<middle-hostname> -p 19999

enjoy ! ;)

doc/reverse_ssh_tunneling.txt · Last modified: 2015/02/17 22:52 by gturri