Friday, 30 May 2008

Port forwarding with ssh

Let's just say that I've a box with an sshd listening on port 22, but I want it to accept as well connections on port, for example, 443. There might be many many ways to do it, but one way is to open an ssh tunnel, by running this as root on the said box:

ssh -g -N -f -L 443:localhost:22 user@localhost

-f forks, so the tunnel stays open in the background as long as the box is up. -g allows connections from the outside world. -N is there to avoid executing a command (just forward the port). And -L gives the tunnel specification.

2 comments:

Aristotle said...

Of course using SSH for this purpose is inefficient – it encrypts the traffic and redecrypts it, all for naught, while eating your CPU cycles.

You want socat instead. Your example would then be

socat \
TCP4-LISTEN:443,fork,su=nobody,reuseaddr \
TCP4:localhost:22

dams said...

I think using -c none would disable encryption ?