banner
ximalaya

ximalaya

这里是openkava 的blog,关注程序开发的一切技术。 ZZ 表示转载的文章,如涉及版权,请和我联系删除。 在这里你可以看到关于以下技术的文章: 移动开发技术,ANDROID ,IOS,WINDOWS PHONE平台开发,企业ERP开发,动态脚本PYTHON ,OPENGL ES 3D技术,游戏开发技术,HTML5 ,JAVASCRIPT ,MYSQL,AMAZON EC2 ,GOOGLE GAE ,GOOGLE CLOUD SQL 等 。 本站发展历程: 2010年,正式把所有的blog移到这里,租用godaddy的空间,记录生活和工作上的一些心得。 下面是关于我的个人介绍,写在这里权当凑字数啦。 职业:软件开发,开发经验6年,管理经验3年; 工作上使用的技术:C#, SQL SERVER 个人使用的技术:PYTHON,PHP, CSS, JAVA ,ANDROID ,object-c 等等 联系我请发邮件:<a href="http://blog.openkava.com/openkava@gmail.png"><img class="alignnone size-full wp-image-96" title="邮箱" src="http://blog.openkava.com/openkava@gmail.png" alt="" width="174" height="24" /></a>

SSH port forwarding function

title: SSH Port Forwarding Functionality
date: 2012-08-27 12:10:53
tags:#

SSH has port forwarding functionality.

There are three powerful port forwarding commands in SSH:

chmod 700 xxx.pem # xxx.pem is a personal certificate

ssh -C -f -N -g -D 8000 -i xxx.pem root@xx.com

This command generates port 8000, which can be used as a socket4 proxy.

QUOTE:

ssh -C -f -N -g -L listen_port:DST_Host user@Tunnel_Host
ssh -C -f -N -g -R listen_port:DST_Host user@Tunnel_Host
ssh -C -f -N -g -D listen_port user@Tunnel_Host
-f Fork into background after authentication.
Authenticate the user/password in the background, usually used with -N to avoid logging into the remote host.

-p port Connect to this port. Server must be on the same port.
The sshd service port of the SSD server being logged in.

-L port:host
Forward a specific port on the local machine (client) to a specified port on a remote machine. The working principle is as follows: a socket is allocated on the local machine to listen on the port. Once a connection is made on this port, the connection is forwarded through the secure channel, and a connection is established between the remote host and hostport. Port forwarding can be specified in the configuration file. Only root can forward privileged ports. IPv6 addresses are specified in a different format: port/host/hostport.

-R port:host
Forward a specific port on the remote host (server) to a specified port on the local machine. The working principle is as follows: a socket is allocated on the remote host to listen on the port. Once a connection is made on this port, the connection is forwarded through the secure channel, and a connection is established between the local host and hostport. Port forwarding can be specified in the configuration file. Only root can forward privileged ports. IPv6 addresses are specified in a different format: port/host/hostport.

-D port
Specify a "dynamic" application port forwarding on the local machine. The working principle is as follows: a socket is allocated on the local machine to listen on the port. Once a connection is made on this port, the connection is forwarded through the secure channel, and based on the application protocol, it can be determined where the remote host will connect. Currently, SOCKS4 protocol is supported, and it will act as a SOCKS4 server. Only root can forward privileged ports. Dynamic port forwarding can be specified in the configuration file.

-C Enable compression.
Enable data compression during transmission.

-N Do not execute a shell or command.
Do not execute scripts or commands, usually used with -f.

-g Allow remote hosts to connect to forwarded ports.
In the -L/-R/-D parameters, allow remote hosts to connect to the established forwarded ports. If this parameter is not included, only the local host is allowed to establish connections.

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.