Forse non tutti sanno che… ssh permette il forwarding.
$ man ssh
-L [bind_address:]port:host:hostport
Specifies that the given port on the local (client) host
is to be forwarded to the given host and port on the
remote side. This works by allocating a socket to listen
to port on the local side, optionally bound to the
specified bind_address. Whenever a connection is
made to this port, the connection is forwarded over the
secure channel, and a connection is made to host port
hostport from the remote machine. Port forwardings
can also be specified in the configuration file. […] Only
the superuser can forward privileged ports. By default,
the local port is bound in accordance with the
GatewayPorts setting. However, an explicit
bind_address may be used to bind the connection to
a specific address. The bind_address of “localhost”
indicates that the listening port be bound for local use
only, while an empty address or ‘*’ indicates that the
port should be available from all interfaces.
-L [bind_address:]port:host:hostport
Specifies that the given port on the local (client) host
is to be forwarded to the given host and port on the
remote side. This works by allocating a socket to listen
to port on the local side, optionally bound to the
specified bind_address. Whenever a connection is
made to this port, the connection is forwarded over the
secure channel, and a connection is made to host port
hostport from the remote machine. Port forwardings
can also be specified in the configuration file. […] Only
the superuser can forward privileged ports. By default,
the local port is bound in accordance with the
GatewayPorts setting. However, an explicit
bind_address may be used to bind the connection to
a specific address. The bind_address of “localhost”
indicates that the listening port be bound for local use
only, while an empty address or ‘*’ indicates that the
port should be available from all interfaces.
Nel caso vi servisse ridirigere l’input in una porta locale verso un qualcosa di remoto, il gioco è fatto:
$ ssh -v -L 9999:209.85.135.105:80 127.0.0.1
Questa riga permette di collegare la porta 9999 locale con la porta 80 dell’ip 209.85.135.105 – google (è necessario l’inserimento della password dell’utente@127.0.0.1)!
Se per caso doveste ridirigere il traffico da un server ad un altro o voleste un tunnel criptato per accedere a certi servizi (qualcuno ha detto mail?), potrebbe essere utile.
Altre info qua.
Write a comment
You need tologin.