Categories
Linux

How to Use an SSH Tunnel Through a Jump Host

So, you want to use an ssh tunnel, to get to another ssh tunnel? Here is how to create and use it.

ssh-tunnel

SSH Tunnel through Tunnel Command

Nothing new here, but I documented it in case I forget:


ssh -t L7070:localhost:7071 user@jumphost ssh -t -D7071 user@furtherhost

Explanation of SSH Tunnels

SSH is a secure protocol and you can put data inside of it that would otherwise be sniffed, viewed, intercepted etc. When you use an ssh tunnel you simply direct your application (like firefox) to use the tunnel as a proxy instead of using the IP networking that the operating system offers.
Very much like the SSH Tunnel Tutorial which uses a socks proxy (and this one can too), the above command will open port 7070 on your local machine to the jumphost, from the jumphost port 7071 it routes it outbound to the ssh server on furtherhost.
All you need to do to use this SSH tunnel is point your application to the localhost on port 7070 and your ip will appear to come from the furtherhost, not the jumphost.

What Does localhost Port Usage Look Like?

I’m using firefox socks proxy function:


C:\Users\james\desktop>tasklist | findstr fire
firefox.exe                   7796 Console                    1    754,212 K
C:\Users\james\desktop>netstat -ano
Active Connections
  Proto  Local Address          Foreign Address        State           PID
...
  TCP    127.0.0.1:50008        127.0.0.1:50009        ESTABLISHED     7796
  TCP    127.0.0.1:50009        127.0.0.1:50008        ESTABLISHED     7796
  TCP    127.0.0.1:55603        127.0.0.1:7070         ESTABLISHED     7796
  TCP    127.0.0.1:55633        127.0.0.1:7070         ESTABLISHED     7796
  TCP    127.0.0.1:56279        127.0.0.1:7070         ESTABLISHED     7796
...

What Does FurtherHost Port Usage Look Like?

I’m browsing gmail through the tunneled tunnel:


(1:226)# netstat -ano
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       Timer
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      off (0.00/0/0)
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      off (0.00/0/0)
tcp        0      0 99.236.72.69:34536     74.125.22.100:443       ESTABLISHED off (0.00/0/0)
tcp        0      0 99.236.72.69:34540     74.125.22.100:443       ESTABLISHED off (0.00/0/0)
tcp        0      0 99.236.72.69:34535     74.125.22.100:443       ESTABLISHED off (0.00/0/0)
...

(1:227)# nslookup 74.125.22.100
Server:         8.8.8.8
Address:        8.8.8.8#53
Non-authoritative answer:
100.22.125.74.in-addr.arpa      name = qh-in-f100.1e100.net.

What is My Final Apparent IP?

Testing on whatismyip.com and through my apache acls shows that the ip is 104.236.72.69 (my furtherhost example).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.