ssh to machine behind shared NAT

The following is a useful command to ssh to a machine behind a shared NAT network. It assumes that you have an accessible jump host and physical console or DRAC/iLO/LOM etc. access to run the command. Run the command on the host behind NAT, then connect with ssh to your jump host on port 2222. That connection to the jump host will be forwarded to the hidden machine.

Note: Some older versions of ssh do not acknowledge the bind address (0.0.0.0 in the example) and will only listen on the loopback address.

ssh -NR 0.0.0.0:2222:127.0.0.1:22 user@jump.host.com

More explanation: Reverse Port Forwarding

Reverse port forwarding is less used than forward port forwarding, but it also has its usefulness. It allows remote access to the local system, using a remote system accessible through ssh.

Example where the ssh session will listen on remote-system.domain port 2222 and forward all connections back through the ssh tunnel to localhost port 22:

ssh -NR 0.0.0.0:2222:127.0.0.1:22 user@jump.host.com

This is a typical example where anyone connecting to remote-system.domain port 2222 will transparently be connected to the system where the ssh client was executed. This can be very useful to enable temporary access to a local system behind NAT or a firewall by using one external system.

Note that if the 0.0.0.0: bind address is omitted, the command will listen on the remote localhost only. We use port 2222 because it's very likely the remote system already has its own ssh server listening on port 22.
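Whether the 0.0.0.0 bind address actually takes effect is decided by the jump host's sshd, through its GatewayPorts setting (default no: loopback only; yes: wildcard; clientspecified: the address the client asked for). The script below is an added example, not part of the original post: it reads a constructed sshd_config sample standing in for the jump host's file, reports which address the forwarded port will really listen on, and rebuilds the page's command; the sample file contents and the hostname are assumptions.

```shell
#!/bin/sh
# Added example: which address does the -R listener on the jump host end up bound to?
# Binding 0.0.0.0 on the jump host exposes the hidden machine's sshd to everyone who
# can reach the jump host, so this is worth checking before leaving the tunnel up.

# Constructed sample sshd_config content, standing in for the jump host's real file.
SAMPLE_SSHD_CONFIG='# sshd_config (constructed sample)
Port 22
PermitRootLogin no
GatewayPorts clientspecified
AllowTcpForwarding yes'

# Print the effective GatewayPorts value; "no" is the OpenSSH default when unset.
gateway_ports_value() {
    printf '%s\n' "$1" | awk '
        /^[[:space:]]*#/ { next }
        tolower($1) == "gatewayports" { print tolower($2); found = 1; exit }
        END { if (!found) print "no" }'
}

# Given the GatewayPorts value and the bind address the client requested with -R,
# report the address the jump host will actually listen on.
effective_bind() {
    case "$1" in
        yes)             echo "0.0.0.0" ;;   # wildcard regardless of what the client asked
        clientspecified) echo "$2" ;;        # the client's bind address is honoured
        *)               echo "127.0.0.1" ;; # "no" (or anything else): loopback only
    esac
}

# Build the reverse forward command from the page (-N: no remote shell, -R: remote listen).
# Arguments: bind address, remote port, user@jumphost.
reverse_forward_cmd() {
    printf 'ssh -NR %s:%s:127.0.0.1:22 %s\n' "$1" "$2" "$3"
}

GP=$(gateway_ports_value "$SAMPLE_SSHD_CONFIG")
echo "GatewayPorts on jump host: $GP"
echo "Jump host will listen on:  $(effective_bind "$GP" 0.0.0.0):2222"
reverse_forward_cmd 0.0.0.0 2222 user@jump.host.com
```

Run the same check against the real sshd_config on the jump host to know in advance whether the listener on port 2222 is loopback-only or reachable from the outside.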
