Accessing Internal Network using SSH Tunnel or Bastion Host
- Get access to a cloud server or VPS (Linux based; accessible from the internal network).
- Select a system in the internal network and execute the following SSH command:
ssh -nNT -R 9999:192.168.0.5:22 username@IP
ssh -nNT -R 9999:192.168.0.5:22 firstname.lastname@example.org -p 2345
In the above command,
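-N : Do not execute a remote command; useful when the connection is only used for forwarding ports.
-n : Redirects stdin from /dev/null (prevents reading from stdin); needed when ssh runs in the background, commonly when starting X11 programs (such as gedit, emacs) on a remote machine.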
-T : Disable pseudo-tty allocation.
-R [bind_address:]port:host:hostport : Specifies that the given port on the remote (server) host is to be forwarded to the given host and port on the local side. This works by allocating a socket to listen to port on the remote side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and a connection is made to host port hostport from the local machine.
-p : SSH port number (if applicable)
- The rest is self-explanatory.
The above command will connect to the IP. After this, connect to the same cloud server/VPS from your home (remote location).
After being connected, execute the following command:
ssh -p9999 localhost
The above command will connect to the internal system which we had selected initially.
NOTE: Port 9999 must not be blocked on the cloud server/VPS, or the connection will fail.
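Seen from the cloud server/VPS, the -R forward described above is an extra listening socket owned by sshd. The following added example (not part of the original post) is a shell function for the server's administrator that lists such listeners from ss output and marks whether each is bound to loopback only; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: list sshd-owned listeners other than the SSH service port.
# Input: lines in the format printed by `ss -H -tlnp` (run as root on the server).

# Constructed sample data, not captured from a real host.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 128 127.0.0.1:9999 0.0.0.0:* users:(("sshd",pid=2291,fd=9))
LISTEN 0 128 [::1]:9999 [::]:* users:(("sshd",pid=2291,fd=8))
LISTEN 0 128 0.0.0.0:8443 0.0.0.0:* users:(("sshd",pid=3010,fd=7))
LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=700,fd=6))
EOF
}

# $1 = port the SSH service itself listens on (default 22; 2345 in the
# second command on this page). Prints "port address scope" per listener.
find_ssh_forward_listeners() {
    sshd_port="${1:-22}"
    awk -v sshd_port="$sshd_port" '
        # Newer OpenSSH releases name the per-session process sshd-session.
        $1 == "LISTEN" && $0 ~ /users:\(\("sshd(-session)?"/ {
            port = $4; sub(/^.*:/, "", port)      # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)   # text before the last colon
            if (port + 0 == sshd_port + 0) next   # the SSH service itself
            if (addr ~ /^127\./ || addr == "[::1]")
                scope = "loopback-only"
            else
                scope = "network-exposed"
            print port, addr, scope
        }'
}

# Demo on the constructed sample above.
sample_ss_output | find_ssh_forward_listeners 22
```

On a live server the input would come from ss -H -tlnp instead of the sample; a network-exposed entry means the forwarded port can be reached from outside the server, not just from a shell on it.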
Thanks for reading.