0

I have a private application hosted on a server. It only allows connection from localhost.

However, the default interface configured on the server is eth0. So I need to set the interface to lo or the app would see the connection as coming from the server's public IP instead of localhost:

pc $ ssh root@123.123.123.123

# This doesn't work. App sees traffic as coming from 123.123.123.123
server $ curl https://example.com:8000

# This works
server $ curl --interface lo https://example.com:8000

But I can't just SSH into the server and curl the app. I need to access it from my computer to use the web UI.

I tried using

pc $ ssh -D 9000 root@123.123.123.123
pc $ curl -x "socks5://localhost:9000" https://example.com:8080

But the application sees the request as coming from the server's global IP again.

So is there a way to make SSH use the lo interface on the remote when forwarding? I'd prefer not to modify the ip route table on the server if possible.

wisha
  • 101

1 Answers1

0

Two options:

  1. Set up a proxy or port forward on example.com, to forward connections from example.com:80 to localhost:8000.

  2. Use ssh to forward a port from the PC:

    ssh -L 8000:localhost:8000 example.com

    Then connect to http://localhost:8000 from the PC.

Andrew Schulman
  • 8,811
  • 21
  • 32
  • 47
  • The application only support HTTPS and has SSL certificate for only example.com. And even if the SSL works, would the application really see the connection as coming from localhost? My attempt in the question using ssh -D looks like this one, and it doesn't work. – wisha Mar 11 '21 at 11:26