SSH Tunnel Forwarding

Yesterday, I had an idea that remarkably enough, actually worked (go figure, huh). I have a few friends who use Linux on their desktops but aren't quite Linux gurus (but who am I kidding, neither am I as evidenced by this post). Don't get me wrong of course, I'm super proud to have friends that aren't IT people but use Linux on their desktops. That speaks a lot to the quality of the work the Linux community has produced.

Despite the whole Linux thing, they still occasionally have issues and call me for help. Most of the time, I just need GUI access to troubleshoot router issues on their side or something like that. Now, telling someone how to port forward and open up firewall ports on a router you don't know just so you can directly connect to their laptop/desktop through ssh can be really painful over the phone most of the time.

Enter the brick that hit me in the head yesterday...
I was driving to lunch yesterday and began wondering if it would be possible to have two computers tunnel to a central server on the same port and in essence, forward traffic between the ports. As it turns out, this actually works (!!!), and it's really easy too.

So, for our example we'll have three computers Me, Nexus, and Douglas (you know who you are). Nexus is our central server that's accepting ssh connections and Douglas is my friend that needs help. It doesn't matter which order these connections need to be made in. Additionally, we're going to assume that our friend's vnc server is set up and listening on 5901.

First (not really), you need to connect to the central server (nexus.example.com for our example). To do this, open a terminal and type ssh -L 5901:localhost:5901 me@nexus.example.com

Second (again, not really), our good friend Douglas needs to connect to the nexus as well. To do that, he needs to open a reverse tunnel to the nexus using the following command: ssh -R 5901:localhost:5901 douglas@nexus.example.com

Open your VNC client and connect to localhost:5901 and you should be golden!

Please take note of the differences in the two commands we just used. The only difference (aside from the usernames) is the switch used for the tunnel. The -L establishes a standard tunnel and the -R establishes a reverse tunnel, which allows the traffic to be forwarded to another tunnel connected on the same port.

There is one security issue with this that could potentially cause you grief if you don't own the central server. If you don't own the box exclusively, other users on the box could also connect to the reverse tunnel. If you do own the box though, this shouldn't be an issue for you.

Insert clever post ending here