2011-10-30
SSH Port Forward
- <情境> 有些網路環境綁得很死,像是會擋 VNC (5800~59) 連線埠,這時候就只能用 SSH 穿牆術了~
- <解法> 語法:
ssh -L 5902:localhost:5901 user@A.B.C.D
+--------------------+ +-------------------------+ | | Firewall | | | vncviewer +------------>XX + 0.0.0.0:5901 vnc server | | | || | | | ssh client +-------------OO------>+ 0.0.0.0:22 ssh server | | | || | | +--------------------+ +-------------------------+ My Notebook Public Server localhost IP address : A.B.C.D ||| on localhost ||| Run following command ||| 'ssh -L 5902:localhost:5901 ||| user@A.B.C.D' VVVVV VVV V +--------------------+ +-------------------------+ | | Firewall | | | +-> 127.0.0.1:5902 +==>+ || +<==+ 0.0.0.0:5901 vnc server | | | | | || | | | | | ssh client +---+-------->OO---+-->+ 0.0.0.0:22 ssh server | | | | || | | | +------- vncviewer | || | | +--------------------+ +-------------------------+ My Notebook Public Server localhost IP address : A.B.C.D - 這是 2009-02-28 畫的另一個情境,再重畫一次,或許會比較清楚。三台電腦的關係:
+-----------------+ NAT Firewall +--------------------------+ | | || || | | | web browser +--OO---------------------------------->XX + 0.0.0.0:80 web server | | | || || | | | | || +--------------------------+ || | | | | || | | || | | | | || | [ ssh server ] | || | | | ssh client +--OO-->+ 0.0.0.0:22 0.0.0.0:22 +<---OO----+ ssh client | | | || | | || | | | | || | ssh client +--->XX + 0.0.0.0:22 ssh server | | | || | | || | | +-----------------+ || +--------------------------+ || +--------------------------+ My Notebook Public Server Private Server localhost IP address : A.B.C.D ( private IP address ) ||| on Private Server ||| run following commands ||| 'nohup ssh -f -N -R 10000:localhost:22 user@A.B.C.D' ||| to generate forward **** ||| VVVVV 'nohup ssh -f -N -R A.B.C.D:8123:localhost:80 user@A.B.C.D' VVV to generate forward ==== V +-----------------+ NAT +--------------------------+ Firewall +--------------------------+ | | || | | || | | | web browser +--OO-->+ A.B.C.D:8123 +==+ || +==+ 0.0.0.0:80 web server | | | || | | | || | | | | | || | [ ssh server ] | | || | | | | ssh client +--OO-->+ 0.0.0.0:22 0.0.0.0:22 +<-+-OO-+--+ ssh client | | | || | | | || | | | | | || | +-------- ssh client | | || | | | | | || | | | | || | | | | | || | +---> 127.0.0.1:10000 +**+ || +**+ 0.0.0.0:22 ssh server | | | || | | || | | +-----------------+ || +--------------------------+ || +--------------------------+ My Notebook Public Server Private Server localhost IP address : A.B.C.D ( private IP address )
Last modified 13 years ago
Last modified on Oct 30, 2011, 11:36:07 PM
Attachments (1)
- ssh-port-forward (3.2 KB) - added by jazz 13 years ago.
Download all attachments as: .zip
