Reverse SSH Tunneling (NAT)

Home / Hacking, News, Security / Reverse SSH Tunneling (NAT)

January 7, 2010 PlanetCreator 0 Comments 0 tags

Have you ever wanted to ssh to your Linux box that sits behind NAT? Now you can with reverse SSH tunneling. This document will show you step by step how to set up reverse SSH tunneling. The reverse SSH tunneling should work fine with Unix like systems.

Let’s assume that Destination’s IP is 192.168.20.55 (Linux box that you want to access).

You want to access from Linux client with IP 138.47.99.99.

Destination (192.168.20.55) <- |NAT| <- Source (138.47.99.99)
1. SSH from the destination to the source (with public ip) using command below:

ssh -R 19999:localhost:22 [email protected]

* port 19999 can be any unused port.

2. Now you can SSH from source to destination through SSH tuneling:

ssh localhost -p 19999

3. 3rd party servers can also access 192.168.20.55 through Destination (138.47.99.99).
Destination (192.168.20.55) <- |NAT| <- Source (138.47.99.99) <- Bob’s server

3.1 From Bob’s server:

ssh [email protected]

3.2 After the sucessful login to Source:

ssh localhost -p 19999

* the connection between destination and source must be alive at all time.

Tip: you may run a command (e.g. watch, top) on Destination to keep the connection active.

Explore More

Credit card fraud! How to protect ourselves from this identify theft?

Credit card or the plastic money has given us lot of convenience on the good side and hell lot of head ache on the bad side. Credit card fraud as

Critical XSS vulnerability in YouthDreams.Net

Security Researcher $@T0R! reported another XSS vulnerability in http://www.youthdreams.net Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject

Joomla Hack

######################################################################################### Joomla 1.5.x Remote Admin Password Change ########################################################################################## ## Author: d3m0n ([email protected]) ## Greets: GregStar, gorion, d3d!k ## ## Polish “hackers” used this bug to deface turkish sites BUAHAHHA nice

[webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
on November 15, 2024 at 12:00 am
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
[webapps] reNgine 2.2.0 - Command Injection (Authenticated)
on October 1, 2024 at 12:00 am
reNgine 2.2.0 - Command Injection (Authenticated)
[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
on October 1, 2024 at 12:00 am
dizqueTV 1.5.3 - Remote Code Execution (RCE)
[webapps] openSIS 9.1 - SQLi (Authenticated)
on October 1, 2024 at 12:00 am
openSIS 9.1 - SQLi (Authenticated)
[dos] Windows TCP/IP - RCE Checker and Denial of Service
on August 28, 2024 at 12:00 am
Windows TCP/IP - RCE Checker and Denial of Service