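Can someone explain SSH tunneling in simple terms?

Although I use some aliases to set up SSH tunnels or reverse tunnels, I have never understood how they work. Does anyone know how to explain it in a simple way?

I think the three main uses are:

First of all, I can ssh from my home computer to foo.mycompany.com without using any password (foo is a server at work).

  1. How to make foo.mycompany.com:8080 go to my home computer's localhost:3000

  2. If, at home, I cannot access http://bar.mycompany.com, but foo can access bar, how to make the home computer able to access http://bar.mycompany.com

  3. If, at home, I cannot access the MySQL database at db.mycompany.com, but foo can, how to access db.mycompany.com as well using an SSH tunnel

Can it be explained in very simple terms? Besides these three uses, are there any other popular uses? Thanks.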


Read the man page, specifically the -L, -R and -D options. I don't think someone rewriting this, and possibly introducing mistakes, is useful. If you don't understand it though you could ask more specific questions.

-D gives a SOCKS proxy, which is another useful application of ssh tunnelling.

SSH tunnelling is very simple. It opens a listening socket at one end. Whenever anyone connects to that listening socket, it opens a corresponding connection from the other end to the configured location, then forwards all information both ways between the two, over the SSH link.

1) Assuming you connect from home to foo, you need a reverse tunnel (-R)

ssh -R 8080:localhost:3000 foo.mycompany.com

This will enable processes running at foo to connect to localhost:8080 and actually speak to your home computer at port 3000. If you want other computers at your work to be able to connect to foo:8080 and access your home computer at port 3000, then you need

ssh -R 0.0.0.0:8080:localhost:3000 foo.mycompany.com

but for this to work you also need this option in foo's sshd_config

 GatewayPorts yes

2) The best way to create an http proxy with ssh is with socks. First connect with

ssh -D 8888 foo.mycompany.com

then go to your browser connection settings and enable proxy connection, choose socks4/5 and host: localhost, port 8888. Then just type http://bar.mycompany.com in your browser's address bar.

3) Now you need a local port forward (-L).

ssh -L 3333:db.mycompany.com:3306 foo.mycompany.com

This means that you will be able to connect at localhost:3333 from your home computer and everything will be forwarded to db.mycompany.com:3306 as if the connection was made by foo.mycompany.com. Host db will see foo as the client connecting, so you need to log in with the same username and password you use when working from foo.

Adding the -g flag will enable other computers from your home network to connect to your computer port 3333 and actually access db:3306.
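The listen-then-connect behaviour described in this answer can be read directly off each forward specification. The following is an added example, not part of the original answer: a small Python helper (the `describe` function and its field names are hypothetical) that parses `-L`, `-R` and `-D` arguments and reports which end opens the listening socket, which end dials the target, and whether the listener is reachable from other hosts. It goes slightly beyond the answer by covering explicit bind addresses on every flag, and it assumes space-separated flags, hostnames or IPv4 addresses, and default GatewayPorts settings on both sides.

```python
import shlex

LOOPBACK = {"localhost", "127.0.0.1"}

def describe(command):
    """Return one dict per -L/-R/-D forward in an ssh command line.

    Assumes space-separated flags ("-L spec") and hostnames or IPv4 addresses.
    """
    argv = shlex.split(command)
    gateway = "-g" in argv  # -g lets other hosts reach client-side listeners
    forwards = []
    for flag, spec in zip(argv, argv[1:]):
        if flag not in ("-L", "-R", "-D"):
            continue
        parts = spec.split(":")
        dynamic = len(parts) <= 2  # [bind:]port -> SOCKS, target picked per connection
        if len(parts) > 4 or (flag == "-D" and not dynamic) or (flag == "-L" and dynamic):
            raise ValueError(f"bad {flag} specification: {spec!r}")
        n = 1 if dynamic else 3  # fields after the optional bind address
        bind = parts[0] if len(parts) == n + 1 else None
        on_client = flag in ("-L", "-D")
        if bind is None:
            # Default bind is loopback; only -g widens it, and only on the client.
            exposed = gateway and on_client
        else:
            # "", "*", 0.0.0.0 or a specific address: reachable from other hosts.
            exposed = bind not in LOOPBACK
        forwards.append({
            "flag": flag,
            "listens_on": "client" if on_client else "server",
            "port": int(parts[-n]),
            "dials_from": "server" if on_client else "client",
            "target": "per-connection (SOCKS)" if dynamic else f"{parts[-2]}:{parts[-1]}",
            "exposed": exposed,
            # sshd honours a non-loopback -R bind only if GatewayPorts allows it
            "needs_gatewayports": flag == "-R" and exposed,
        })
    return forwards

if __name__ == "__main__":
    for cmd in (  # commands based on the answer above
        "ssh -R 8080:localhost:3000 foo.mycompany.com",
        "ssh -R 0.0.0.0:8080:localhost:3000 foo.mycompany.com",
        "ssh -D 8888 foo.mycompany.com",
        "ssh -g -L 3333:db.mycompany.com:3306 foo.mycompany.com",
    ):
        print(cmd, "->", describe(cmd))
```

An `exposed` value of `True` marks a listener that machines other than the one running it can connect to, which is the case worth reviewing in saved aliases.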

First of all I will explain SSH:

SSH is a remote login shell that helps you connect to remote machines using an encrypted connection. So once you have made an SSH connection to any remote host, the connection between the hosts is secure and encrypted.

SSH tunneling is routing your traffic through a secure SSH connection.

In simple words, SSH tunneling is nothing but one connection encapsulated by another connection. Taking advantage of this, we make tunnels using the SSH client.

The following command helps you create a simple SOCKS proxy:

ssh -D 8080 user@sshserverip

Quite an old question, but see if this page helps explain it for you, it's got pretty pictures and all. :)

https://www.ssh.com/ssh/tunneling/

Basically, an SSH tunnel is a tunnel that can be used to pass (tunnel) data from one place to another, encrypted.

It is also commonly used to route traffic (via a tunnel, think wormhole) to somewhere else, which allows for things such as tunnelling through a firewall or redirecting traffic (encrypted port forwarding).

Let's say you have a firewall between you and the server. The server can access another server (server2) on its internal network.

[client]--------||------[server]----[server2]

Let's say you want to access a web server on server2, and for obvious reasons you can't do this directly. Let's say that port 22 (ssh) is open on the firewall. So what we would do is create an SSH tunnel (on server) from server to server2. This will mean that any (outbound?) traffic on port 22 will be sent, via this tunnel, from server:22 -> server2:80.

[client]--------||------[server:22]======[server2:80]

So (as I understand it), if we connect to server:22, it should redirect traffic on port 22 to the web server on server2:80 using this new SSH tunnel. (as far as I understand, the data is only encrypted in the tunnel, so the end will be decrypted data, if you're wondering if server:80 has to be SSL).

I suppose, in one way, that using SSH is in itself an SSH tunnel for your old telnet communication. It's just that most times you hear about SSH tunnelling, people are referring to the (secure) port forwarding feature it offers, without having to have access to the firewall admin, which is a nifty little feature that a lot of hackers like to use to get around security.

As for the more legitimate reasons: it's a great way to relay certain traffic to an internal server that works on a different port, should you be limited by a firewall and such, or you want to secure the traffic between two machines (like the SSH program does).

Hope this helps.

EDIT

Found this over at the UNIX SO https://unix.stackexchange.com/questions/46235/how-does-reverse-ssh-tunneling-work, lots of answers with very clear (and pictorial) explanations of what you need!