_____________________________________________
with loves, with efforts, with knowledges
knowing the best for ur best
__illuminator__
http://wafa.web.id
_____________________________________________
Secure Shell or SSH is a network protocol that allows data to be exchanged over a secure channel between two computers. Encryption provides confidentiality and integrity of data. SSH uses public-key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user, if necessary.
SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding arbitrary TCP ports and X11 connections; it can transfer files using the associated SFTP or SCP protocols.
now, in this posting i’ll describe some usage from ssh client for tunnelling:
- X11 Display forwarding
- This type tunnel can be done with this additional command line:
-X
example:
ssh -l wafa@myserver -X
- This methode explain that, all my display will exported to my local X Server, with note that you have install your local XServer (for windows you can install XWin32 or eXceed or another XServer for win32, but for linux/unix this is preinstalled package when u install desktop environment)
- Local Port forwarding
- This type tunnel can be done with this additional command line :
-L [bind ip address:]localport:remote ip address:remoteport
example:
-L 127.0.0.1:8080:208.80.152.42:8080 - This method can be explain like this, you can access remote address and port from your localhost port 8080, this method can be used to create a tunnel to your internal imap/pop3/smtp server when you at outside your internal office network.
e.q :
-L 127.0.0.1:143:192.168.0.5:143
=> 192.168.0.5 : your internal imap server
=> 127.0.0.1:143 : for your mail client setting
- Remote Port forwarding
- This type tunnel can be done with additional command line :
-R bind remote ip address:remoteport:
[local ip address:]localport
example:
-R 208.80.152.42:8080:127.0.0.1:8080
- This type tunnel useful when you need a back access to your local server from your remote server, this type tunnel is the opposite of local port forwarding.
- Local Dynamics Port Forwarding a.k.a Socks Tunnel
- This type is commonly used if you need full access to your remote network, this tunnel work like a socks proxy, ssh support both socks 4 & 5, this type tunnel can be done with this additional command line :
-D [bind ip address:]localport
example:
-D 127.0.0.1:8080
for some security reason there is some additional tips and command to deal with tunneling, such as:
- using pair keys, you will nedd this to by pass password prompting, u can use this when u already have pair key generated by ssh-keygen
- do not execute remote command, just do the tunnel, this can be done with additional options : -N
_____________________________________________
with loves, with efforts, with knowledges
knowing the best for ur best
__illuminator__
http://wafa.web.id
_____________________________________________