Access a service on a remote machine via an intermediary
ssh -v -L 4444:app.example.com:5000 $USER@jump.example.com -nNTNow you can access the service running on app.example.com:5000 by going to localhost:4444 in your browser.
Explanation of the command
- from the host machine (where you are running the command)
- connect to jump.example.com as user $USER
- once there, access service app.example.com on port 5000
- then make that service available on the host machine on port 4444
Advanced usage - Two jumps
ssh -J user@jump.example.com user@app.example.com -L 1111:database.example.com:3306 -nNT -vvv
Notes:
-J jumps to another host
-L makes a tunnel to a service that's already running
Now you can do:
mysql --protocol=tcp --host=127.0.0.1 --port=1111
Notes:
- you must specify protocol because of the tunnel
- specifying 127.0.0.1 (instead of "localhost") prevents MySQL trying to use a local socket and failing
Use a proxy on a remote machine via an intermediary
If there's a proxy you need to use: proxy.example.com:8888 -- but you can only access it from jump.example.com -- then set up a tunnel like this:
ssh -A -L 4444:proxy.example.com:8888 $USER@jump.example.com -nNTv
Now you can use http://localhost:4444 as your proxy server, instead of http://proxy.example.com:8888
Posts
