Using SSH for tunneling

A very useful resource (in French) to use SSH, with specific use cases: Les_tunnels_SSH

Another useful (and short one for tunneling):

Connecting to another remote computer through a common central computer

In short, if you have a configuration with 3 computers (A – B – C) and you want to connect to A (arrival) from C (client) but A doesn’t allow direct SSH connection, you can do the following:

  1. On A and B, install openssh-server
  2. On A, open an SSH connection to B: ssh -R 5000:localhost:22 user-on-B@B
  3. From C, connect to B: ssh user-on-B@B
  4. Using the open connection on B, open a connection to A: ssh -p 5000 user_on_A@localhost

This should get you all ready to work on A.

Opening a browser

Another special case is you have A-B-C, you are on C and want to access the internal website running on A, but you can only access B in SSH, and from B, access A.

  1. Install openssh-server on A and B
  2. From C, instruct your SSH client to connect to B and to link your local port 8080 to A’s port 80: ssh -L 8080:A.A.A.A:80 user_on_B@B.B.B.B
  3. Open your browser on http://localhost:8080

Opening a browser to a named host in SSL

A more complex case could be to open your browser in HTTPS to a server that only answers correctly if you use a specific domain (or subdomain) name. We use the same terminology as above, where you (as a client) are C, and want to connect to A but have to pass through B.

Let’s say the destination URL is

  1. Install openssh-server on A and B
  2. Add the domain name you want to reach as an alias for in your /etc/hosts file ( localhost
  3. From C, instruct your SSH client to connect to B and to link your local port 8080 to A’s port 443 (for SSL): ssh -L user_on_B@B.B.B.B
  4. Open your browser on

Note that, depending on the web application on the other hand, the fact that you use port :8080 to reach it might generate some issues, like for example that, following a link in the application, the URL would be returned to a version without the port number. In this case, you would have to manually update the URL to add the port again.

Opening a browser on A as if you were there

The previous cases explained how to open a browser on C and just browse things that are located on A. In this case, we want to launch a browser on A, live, and use it from C’s desktop as if it were local.

This requires the X11Forwarding option to be set to yes on both A and B, in /etc/ssh/sshd_config. If it’s not the case, change it and restart the ssh service before you continue.

I’m assuming you have the same username on A, B and C. That’s going to make it slightly easier.

Let’s go now:

  1. Install openssh-server on A and B
  2. From A, instruct your SSH client to connect to B using port 6000: ssh [-p xyz] -R 6000:localhost:22 user-on-B@B
  3. From C, instruct your SSH client to connect to B through port 6000 (and then to port 6000 on localhost, which is a tunnel to A), through B: ssh [-p xyz] user-on-B@B -L 6000:localhost:6000
  4. From C (in another terminal), instruct your SSH client to connect to your local port 6000, which will go through the tunnel to B and then A, with a session supporting X11: ssh -X -p 6000 user-on-A@localhost
  5. You should end up in a terminal on A. Launch the graphical app you want (firefox, chromium-browser, etc). If the browser is already running on the machine, it will not allow you to see it, so make sure you kill the process before trying to start it through X11 forwarding.

This is usually awfully slow, so you should probably use the “compress” option “- C” in that last command. You could also specify a “light” cipher (as documented in “man ssh_config” around keyword “Ciphers”) with the “-c” option.

Apparently, the right choices for speed are X2GO or NX, though…

Related Posts

Why using root on UNIX/Linux is bad ?

A lot of people use the root account to do anything they need,...

HOWTO Autocomplete hostnames with bash while using SSH

This article was first written in October 2007 for the BeezNest technical website...


Comments are closed.