Wednesday, November 10, 2010

SSH forward and dynamic tunneling

SSH stands for Secure Shell and was designed to replace telnet, since it provides remote control of a machine but with robust security. Linux users will have heard about it, but if you do not know how to run it and use its features to the fullest, then hop on.

SSH has evolved to incorporate features such as forward port tunneling, reverse port tunneling and dynamic port tunneling. This article covers the basic setup and installation of SSH servers on Windows and on Ubuntu Linux. The steps will be almost the same on other distros.

Please note that port forwarding was originally introduced to allow incoming packets in a NAT environment, but similar features were implemented in SSH, hence the name SSH port forwarding.

SSH Forward Port forwarding


It can be visualized as an outbound tunnel where data is forwarded from the client 'towards' the server.

There are a few things to note:
1. First an SSH connection is set up, so you need an SSH client and server running properly.
2. Once the forward tunnel has been set up, the data will pass through the tunnel and the receiving end will direct all the data to the specified port number.

Setting up port forwarding (Windows)

Download FreeSSHD from the link posted below. It is free software that runs an SSH and telnet server. After installation you will be asked to generate a set of keys. Create them as they will be used to ensure integrity of the remote user. Now add a user account and assign a password. This account name will be used to log in remotely.



If the SSH server is behind a NAT connection, e.g. a home ADSL connection, then you will need to allow incoming connections to port 22. Refer to this link if you want to have a brief idea on how to implement the aforementioned scheme (confusingly known as NAT port forwarding).

Try to establish a normal connection using PuTTY, available for Windows and Linux.



Such tunneling can be very useful if you want to access a remote service securely. E.g., consider a scenario in which you need to access a remote web server securely. Then all you need to do is set up a forward SSH tunnel with the remote machine and enter the following configuration:


So when any data is sent to port number  it will be redirected through the ssh tunnel where the remote end will redirect the traffic to the destination address.
The above configuration redirects all traffic from the local PC's port 8080 to the remote machine through the SSH tunnel, where the remote end redirects the traffic to localhost (which means itself), port 80. Clearly, if the remote machine is running a web server, all its content will pass through the SSH tunnel in an encrypted, and thus secure, way.
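
The same forward tunnel with the OpenSSH command-line client, as an added example that is not part of the original post. The host `user@remote.example` is a placeholder and the function names are made up for illustration; ports 8080 and 80 are the ones used above.

```sh
#!/bin/sh
# Added example (not from the original post): OpenSSH equivalent of the
# forward tunnel described above. Function names are hypothetical.

# Build the -L argument: bind_address:local_port:dest_host:dest_port.
# dest_host is resolved on the SSH server, so "localhost" means the
# server itself. Binding the entrance to 127.0.0.1 keeps the tunnel
# reachable only from this machine, not from others on the local network.
forward_spec() {
    lport=$1 dhost=$2 dport=$3
    for p in "$lport" "$dport"; do
        case $p in
            # reject empty, non-numeric, or overlong values
            ''|*[!0-9]*|??????*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done
    printf '127.0.0.1:%s:%s:%s\n' "$lport" "$dhost" "$dport"
}

# Open the tunnel in the foreground (Ctrl-C closes it).
#   -N                            forwarding only, no remote shell
#   -o ExitOnForwardFailure=yes   abort if the local port cannot be bound,
#                                 instead of logging in without a tunnel
open_tunnel() {
    remote=$1
    spec=$(forward_spec "$2" "$3" "$4") || return 1
    ssh -N -o ExitOnForwardFailure=yes -L "$spec" "$remote"
}

# Usage (placeholder host, not run here):
#   open_tunnel user@remote.example 8080 localhost 80
# then browse http://127.0.0.1:8080/ on the local machine.
```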





Thus forward tunnels have a very special use and can be used to bypass any firewalls or content filtering services and access remote machines with ease. The above schematic shows data transferred from the local host to the remote server. Note how the data is internally directed from port 8181 to port 80.

More on Reverse Port tunneling and dynamic port tunneling in some later post.

Ubuntu users can install the OpenSSH server using the following command:
sudo apt-get install openssh-server
(config files are stored in /etc/ssh/sshd_config)
A Linux version of PuTTY is also available and can be obtained using the Synaptic package manager.

Some important commands:

Start OpenSSH Server:
sudo /etc/init.d/ssh start

Stop OpenSSH Server:
sudo /etc/init.d/ssh stop

Restart the server:
sudo /etc/init.d/ssh restart

Other Useful Links:


1. FreeSSHD homepage
2. Learn NAT Port Forwarding
3. Wiki on SSH
4. More info
