Ubuntu Server 20.04 LTS server configures frp intranet penetration to realize SSH remote access to intranet

Ubuntu Server 20.04 LTS server configures frp intranet penetration to realize SSH remote access to intranet

1. Requirements
There is an existing intranet server, and the installed Ubuntu Server 20.04 LTS needs to access the intranet server through remote SSH connection anytime and anywhere through the external network

2. Determine the current operating environment
    2.1. One Elastic Cloud Server ECS, bound to the public network ip, the system is CnetOS7 or other Linux distributions
    

3. What is frp
Frp introduction
frp is an open source, simple and easy-to-use, high-performance intranet penetration and reverse proxy software that supports tcp, udp, http, https and other protocols.
Working principle of frp
The server runs, listens to a main port, and waits for the connection of the client; the
client connects to the main port of the server, and at the same time tells the server the port to listen to and the forwarding type; the
server forks a new process to listen to the port specified by the client ;
External network users connect to the IP of the server and use the remote port specified by the client. The server forwards the data to the client through the connection with the client; the client process then forwards the data to the local service, thereby realizing the external exposure of the intranet
service Ability.

4. The server
obtains the frp installation package corresponding to the system architecture.
The project address is https://github.com/fatedier/frp

下载链接 https://github.com/fatedier/frp/releases/download/v0.44.0/frp_0.44.0_linux_amd64.tar.gz
下载
[root@ecs-168228 ~]# wget https://github.com/fatedier/frp/releases/download/v0.44.0/frp_0.44.0_linux_amd64.tar.gz
解压
[root@ecs-168228 ~]# tar xzvf frp_0.44.0_linux_amd64.tar.gz
修改服务端配置文件
[root@ecs-168228 ~]# vim frp_0.44.0_linux_amd64/frps.ini
frp监听的端口，默认是7000，可以改成其他的
[common]
#bind_port = 7000
bind_port = 7001
启动frp服务
[root@ecs-168228 ~]# yum install screen -y
[root@ecs-168228 ~]# screen -S frps
[root@ecs-168228 ~]# /root/frp_0.44.0_linux_amd64/frps -c /root/frp_0.44.0_linux_amd64/frps.ini
输出" frps started successfully"表示启动成功
键盘按住ctrl+a再按d,将当前会话放到后台运行
其他操作
screen -ls 列出当前所有的session
screen -r yourname 回到yourname这个session

Add inbound rules to the cloud server security group
Security group-configuration rules-inbound rules-add rules-TCP port 7001

5. The client (intranet server)
obtains the frp installation package corresponding to the system architecture.
The project address is https://github.com/fatedier/frp

下载链接 https://github.com/fatedier/frp/releases/download/v0.44.0/frp_0.44.0_linux_amd64.tar.gz
下载
[root@ecs-168228 ~]# wget https://github.com/fatedier/frp/releases/download/v0.44.0/frp_0.44.0_linux_amd64.tar.gz
解压
[root@ecs-168228 ~]# tar xzvf frp_0.44.0_linux_amd64.tar.gz
修改客户端配置文件
dq@localhost:~$ vim frp_0.44.0_linux_amd64/frpc.ini
内容如下
[common]
server_addr = 公网ip
#server_port = 7000
server_port = 7001

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
#remote_port = 6000
remote_port = 60001
注意"server_addr = "写的是公网服务器frp服务端的弹性公网ip
启动frp服务
dq@localhost:~$ sudo apt-get install screen
dq@localhost:~$ screen -S frpc
dq@localhost:~$ /home/dq/frp_0.44.0_linux_amd64/frpc -c /home/dq/frp_0.44.0_linux_amd64/frpc.ini
输出"[ssh] start proxy success"表示启动成功
键盘按住ctrl+a再按d,将当前会话放到后台运行

Add an inbound rule to the cloud server security group
Security group-configuration rules-inbound rule-add rule-TCP port 60001

6. SSH to connect to the intranet server
ssh intranet server user name@public server ip remote_port port set in the intranet