Using SSH Tunnelling (Draft)

Using SSH Tunnelling (Draft)

Scenario #1: Access port 400xx port on munro from Windows
This works from home. We are hoping to relax the internal firewall restrictions to make this work in the labs.

1)  Logon to munro using putty from Windows. On munro, start up one of your server programs that listens on port 400xx. Verify that it works by telneting to it from munro.

2)  Modify your putty parameters as follows – either using “Change Settings” or the initial settings in a 2nd putty session (it doesn’t matter) Modify Connection | SSH | Tunnels by filling in
Source Port: 401 (any unused port number will do)
Destination: munro.humber.ca:400xx (where xx is your assigned port)
Then click Add and then Apply.
The string that will appear in the Forwarded ports text box is: L401 munro.humber.ca:400xx
Test by entering the following command in the Windows cmd line:
telnet localhost 401
The result should be that you are talking to your remote program on munro via the local port 401 which is bound through putty to the remote port 400xx.

3)  Kill your program with a <ctrl>C or a Quit command when you are done.

Scenario #2: Access your Windows machine from munro
This is achieved through a reverse tunnelling operation. Set up or add the following tunneling configuration for putty:
Under the Destination label you will find radio button for Remote. Select it.

Now enter:
Source Port: 23
Destination: munro.humber.ca:400xx

Then click Add and then Apply.
The string that will appear in the text area of Forwarded Ports will be: R400xx localhost:23
Test by typing in the command on munro:

telnet localhost 400xx #where xx is your assigned munro port. You connect with Windows
Scenario #3: Access port 400xx on munro from Linux/OS X
In Linux the command is of the form:
ssh -L <localport>hostname<remoteport> <username>@<servername

ie: ssh -L 4001:localhost:400xx yourId@munro.humber.ca
Note that since this is Unix, the local port has to be 1024 or greater. Unless you are root and that’s not advisable.

It makes no difference if this is your 1st connection or you left your previous server running in a previous terminal window. However remember that you are now logged into munro and you may need to open up another free terminal window on your Linux/OS X box.

1)  Start up your service program to listen on port 400xx

2)  From your Linux/OS X terminal window test the connection
telnet localhost 4001
This should take you from your local machine to the port on munro.

Scenario #4: Access a service on Linux/OS X from munro

Again we are going to implement reverse tunneling, but use the command line to do it. In practice your Linux install running as a virtual machine under Windows is hidden from the outside world. However SSH tunnelling can make it visible. Your biggest problem would be obtaining enough free ports on the outside server (munro) and though there are enough numbers available in theory, you only have 1 port to work with. Sorry about that. To make this less confusing, close all connections and start fresh.
The connection has to be created from your (hidden) server, not munro.

1)  ssh -R <remoteport>:localhost:<serviceport
From your Linux machine or OS X box type in:
ssh -R 400xx:localhost:13 yourid#munro.humber.ca

2)  Now from your session on munro type in one of the following 2 commands:
telnet localhost 400xx or...
ssh localhost -p 400xx
You should see the daytime service result from your Linux/OS X box on munro

Scenario #5: Using putty to create a bridge between munro and your PC running Windows on Linux

In cases where you have a machine that can talk to two other machines, but not directly to each other, or if you want to redirect a service to a different machine, you can use the machine in the middle as a bridge.
ssh -f -L 2000:personal-server.com:25 -N

ssh -N -L localhost:localport:DATABASE_MACHINE:remoteport BRIDGE_MACHINE_USER@BRIDGE_MACHINE