ssh port mapping
This method is used to perform two-way network penetration in a one-way connected network. It is
suitable for docker containers without port mapping, restricted networks that cannot be accessed in reverse, etc.
One time reverse proxy
Execute the following command on the server/container in the closed network, the result can make the target server access the server/container
ssh -fgN -R <port of target machine>:localhost:<port of limited machine> root@<ip of target machine> -p <ssh port>
One-time forward proxy
Execute the following command on the target server, the result can make the target server access the server/container in the closed network
ssh -fgN -L <port of target machine>:localhost:<port of limited machine> root@<ip of limited machine> -p <ssh port>
Springboard agent
- The server/container in the closed network creates a reverse proxy to the springboard
ssh -fCNR '<port0 of jump machine>:localhost:<port of local machine>' root@<ip of jump machine> -p <ssh port>
- Create a forward proxy inside the springboard
ssh -fCNL '*:<port1 of jump machine>:localhost:<port0 of jump machine>' -o ServerAliveInterval=60 root@<ip of jump machine> -p <ssh port>