原贴:http://cb.vu/unixtoolbox.xhtml#ssh
Suppose we want to forward the ssh port from a client to a server over two hops. Once the tunnel is build, it is possible to connect to the server directly from the client (and also add an other port forward).
Dig a multi-hop ssh tunnel
Suppose you can not reach a server directly with ssh, but only via multiple intermediate hosts (for example because of routing issues). Sometimes it is still necessary to get a direct client - server connection, for example to copy files with scp, or forward other ports like smb or vnc. One way to do this is to chain tunnels together to forward a port to the server along the hops. This "carrier" port only reaches its final destination on the last connection to the server.Suppose we want to forward the ssh port from a client to a server over two hops. Once the tunnel is build, it is possible to connect to the server directly from the client (and also add an other port forward).
Create tunnel in one shell
client -> host1 -> host2 -> server and dig tunnel 5678client># ssh -L5678:localhost:5678 host1 # 5678 is an arbitrary port for the tunnel host_1># ssh -L5678:localhost:5678 host2 # chain 5678 from host1 to host2 host_2># ssh -L5678:localhost:22 server # end the tunnel on port 22 on the server
扫一扫
565
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
