
I need an SSH tunnel from my home to private IP 10.4.100.6 as diagrammed here:

+-------+    +-----------------+  +------------+  +-------------+
|       |    |                 |  |            |  |             |
| Home  +----+ foo.example.com +--+ 10.4.100.5 +--+  10.4.100.6 |
|       |    |                 |  |            |  |             |
+-------+    +-----------------+  +------------+  +-------------+

I have root access on 10.4.100.5 and 10.4.100.6. I have zero access to foo.example.com. When I ssh to foo.example.com, I somehow land on 10.4.100.5, which is a different host. We're talking about 4 separate hosts. I assume foo.example.com uses one-to-one NAT.

I tried:

ssh -L 8080:10.4.100.6:80 user@foo.example.com

No luck. Any tips?

Edit: It turns out the tunnel works, but not for websockets. Connections to ws://localhost:8080 fail with this:

<snip> WebSocket connection to 'ws://localhost:8080/' failed: Error during WebSocket handshake: Unexpected response code: 200

I didn't realize this at first. I thought the connection just hung.

Edit 2: My apologies, but I figured this out. I didn't realize that the app involves 2 servers: nginx on port 80 and a websocket server on port 8080. I created 2 separate SSH tunnels, and all works now. I got confused because the local port I chose, 8080, was also the port used by the remote websocket server.

Summary: nothing special is required to create an SSH tunnel through one-to-one NAT.

royco
  • What do you mean by "No luck"? Be specific. Show error messages and log entries. – Michael Hampton Sep 13 '20 at 04:42
  • @MichaelHampton After creating the tunnel as described, I tried `curl http://localhost:8080` and the connection never was made. `curl` just hung. However, I figured it out. I'll post a solution very soon. – royco Sep 13 '20 at 04:49
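The two-tunnel setup from Edit 2, as an added example that is not part of the original question or answers: a small sh helper that builds one ssh command carrying both forwards through foo.example.com and refuses a local port listed twice, the mix-up described above. The helper name and the 8081 local port are assumptions; ExitOnForwardFailure makes ssh exit instead of quietly running on when a forward cannot be bound.

```shell
#!/bin/sh
# build_tunnel_cmd: print one ssh(1) command that forwards several local
# ports through the jump host to the private target host.
# Hypothetical helper written for this page; hosts are the ones in the
# question, ports are the ones the asker reported (nginx :80, websocket :8080).
#   usage: build_tunnel_cmd user@jump target local:remote [local:remote ...]
build_tunnel_cmd() {
    jump="$1"; target="$2"; shift 2
    [ "$#" -gt 0 ] || { echo "no local:remote pairs given" >&2; return 1; }
    # -N: no remote shell. ExitOnForwardFailure: fail loudly if a -L cannot
    # be bound instead of leaving a half-working tunnel behind.
    cmd="ssh -N -o ExitOnForwardFailure=yes -o ServerAliveInterval=30"
    seen=" "
    for pair in "$@"; do
        case "$pair" in
            *:*) ;;
            *) echo "expected local:remote, got '$pair'" >&2; return 1 ;;
        esac
        lport="${pair%%:*}"; rport="${pair##*:}"
        for p in "$lport" "$rport"; do
            case "$p" in
                ''|*[!0-9]*) echo "non-numeric port in '$pair'" >&2; return 1 ;;
            esac
        done
        # A local port can only be bound once; catch that before ssh does.
        case "$seen" in
            *" $lport "*) echo "local port $lport listed twice" >&2; return 1 ;;
        esac
        seen="$seen$lport "
        # Bind on loopback so the forward is not exposed to the rest of the LAN.
        cmd="$cmd -L 127.0.0.1:$lport:$target:$rport"
    done
    printf '%s %s\n' "$cmd" "$jump"
}

# Local 8080 -> nginx on 10.4.100.6:80, local 8081 -> websocket server on :8080.
# Using two different local ports is what avoids the confusion in Edit 2:
# http on localhost:8080, the websocket endpoint on localhost:8081.
build_tunnel_cmd user@foo.example.com 10.4.100.6 8080:80 8081:8080
```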

3 Answers


Provided that 10.4.100.5 can access 10.4.100.6:80, I don't see why your `ssh -L 8080:10.4.100.6:80 user@foo.example.com` wouldn't work.

Can you telnet/curl 10.4.100.6:80 from 10.4.100.5? If not, maybe a firewall is configured on 10.4.100.6 forbidding access to port 80, by dropping the connection and not rejecting it.

Alex

You may be able to use the ProxyJump feature in OpenSSH to do this cleanly.

ssh -J user@foo.example.com -L 8080:localhost:80 user@10.4.100.6

Adding -J user@foo.example.com tells ssh to connect to the destination via port forwarding set up dynamically on foo.example.com. If you don't have ssh keys set up, you'll be prompted for passwords for both foo.example.com and 10.4.100.6.

If this works for you, you can add it to your local ~/.ssh/ssh_config to make it easier. E.g.,

Host 10.4.100.6
    ProxyJump user@foo.example.com

Then you won't need to specify the -J on the command line to connect to 10.4.100.6.

satwell

Is there an option to use sshuttle? - https://github.com/sshuttle/sshuttle

It may be a simpler proxy option, especially given the lack of access to the remote SSH target.

ewwhite