Get Mystery Box with random crypto!

[SSH][PORTFORWARDING] Do you need to test an application behin | LinuxCheatSheet

[SSH][PORTFORWARDING] Do you need to test an application behind a firewall? Do it via ssh!
SSH Forward local to remote
Suppose you have a remote server (target-server) behind some kind of firewall, and this server run a web app on port 80. Port 80 is not exposed to public Internet and for some reason you don't want (or you can't) change the firewall rules. Anyway, you can reach the target-server via ssh. From your computer, you can access the http application via ssh port-forwarding.
From your computer login to the target server.
[your@pc ~]$ ssh -C -L8080:localhost:80 remoteuser@target-server
After you login, leave the shell open
[remote@server ~]$ watch /bin/true
and iconify the window.
Then open a browser and point it to:
http://localhost:8080/

SSH Options used:
-C enable data compression
-L forward local to remote

So with the above command you forwarded local port 8080 to remote port 80 on localhost that is the target server itself. You can of course choose to forward on any other host reacheable by target server, if you do so, you are using target server as a bastion host.
Why the local port is 8080 and not 80? Two main reasons:
1. If you are not root on your pc, you can't open port below 1024
2. Port 80 may already be open on your pc

SSH Forward remote to local
You can also do the reverse: You have a testing webapp running on your pc and you want it to be reached by the target server:
[your@pc ~]$ ssh -C -R8080:localhost:80 remoteuser@target-server
Then after you login:
[remote@server ~]$ curl http://localhost:8080
The connections done on localhost 8080 to remote server will be forwarded to your pc on localhost 80.

SSH Dynamic Forwarding
This is, on my opinion, a very powerful feature.
From your pc connect to target server with
[your@pc ~]$ ssh -C -D8080 remoteuser@target-server
After you login, leave the shell open
[remote@server ~]$ watch /bin/true
and iconify the window.
Now open Firefox and configure the proxy. For the configuration choose "SOCKS5" proxy with SOCKS host localhost on port 8080.
In Firefox about:config change the value of key network.proxy.socks_remote_dns to true. Restart firefox. Now you can browse with Firefox as if you are browsing from the remote server, accessing all the hosts and applications that target server has right to access. Plus, if the target server has access to Internet, you can browse Internet as if you are in the remote location. Try it with http://ipecho.net/plain and you will see that your public IP is now the public IP of the remote server.

If you like it please vote the post and share the channel with your friends: http://t.me/linuxcheatsheet
Bye!
G.
Prossimo messaggio
telegram-store.com © 2016-2024
Non official site about Telegram
Tutti i diritti sono riservati. È vietata la copia e l'utilizzo di tutto il materiale; la citazione parziale è possibile solo con un collegamento ipertestuale al sito telegram-store.com.