Use SSH port forwarding to achieve remote access to network hosts Remote Desktop (a) establish SSH forwarding

Others 2019-08-25 22:21:32 views: null

The recent replacement of the broadband mobile home after dialing get is the beginning of the 10 network IP, it can not be like before, like remote desktop access from outside the network through the host router's port mapping. In this case you can use one server with a public IP network to act as transit, use SSH tunnel Remote Desktop forwarding function will forward the request to the host within the network.

SSH tunnel

SSH automatically encrypts and decrypts the data network between all SSH client and server, in addition to other SSH also be able to network data to TCP port forwarding through SSH link, and automatically provides the appropriate encryption and decryption services, this feature is also known as "SSH tunnel." SSH tunnel is divided into local forwarding, remote forwarding and dynamic forwarding.

Local Forwarding

Locally on the client listening on the specified port that receives data will be forwarded to the designated port designated IP server network.

Remote Forwarding

In the server listening on the specified port that receives data will be forwarded to the client specified IP local network of designated ports.

Dynamic forward

Locally on the client listening on the specified port, which is actually a SOCKS5 proxy, all requests issued by the server.

Preparing the Environment

  1. The server has a public IP, where the use of cloud Ali ECS
  2. Putty

Server Settings

Edit ssh configuration files, enable GatewayPorts. If GatewayPorts option is not enabled, remote port forwarding only the server can access the external host can not access.

vi / etc / ssh / sshd_config 
at the end add a line 
GatewayPorts yes 

# ssh restart the service 
service sshd restart

Client Settings

Start Putty on the client, enter the server address in the Session.

Switch to the Connection-SSH-Tunnels, enter the listening port outside the network server in the Source port, Destination forwarded enter the IP address and port number in the format IP地址:端口, select the type of forwarding remotely, click Add to add to the list. Here we will map the server port 10000 to the 3389 port of the machine.

 

Select the open, enter a user name and password. After the successful landing view the listening port, port 10000 has been found to listen.

[root@iZwz9ds6obifn90aw8j2khZ ~]# netstat -aon|grep 10000
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN      off (0.00/0/0)

Such a tunnel between the network and the host server has been established, log in to the network through the host port 10000 to the remote access server.

However, using this method every time input on the host controlled manually run Putty username and password, in case of off network, system updates, restart, power outage, etc. can not automatically restore the connection. Then we configured to use SSH certificate avoid dense landing and Autossh automatically reconnect.

Guess you like

Origin www.cnblogs.com/lunarflyer/p/11408721.html
Recommended
Ranking
error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘
Database migration between Navicat servers
Minimum number of rotation of the array: Array
balenaEtcher for mac (make a boot disk software) v1.5.67
Custom processing serialization and deserialization in jackson
Mu-en-mask system development software
Mastering Regular Expressions
Find mileage Java--
Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions
[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite
Daily
More
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)

Code World

© 2018 codetd.com