Master Reverse SSH Tunneling: Seamlessly Access Firewalled Servers

This guide explains what reverse SSH tunneling is, why it’s needed to reach servers behind firewalls, and provides step‑by‑step commands and configuration tips—including the use of the ssh -R option, setting up a persistent machine, and essential sshd settings.

Raymond Ops

Reverse SSH is a technique that allows you to access a system located behind a firewall from the external world.

SSH is a secure protocol for encrypted communication between network nodes, enabling remote login and secure file transfer.

<code>$ ssh [your-account-login]@[server-ip]</code>

What is Reverse SSH?

When a firewall blocks incoming connections to a remote server, you cannot directly SSH into it because the firewall only permits connections initiated from the server side.

Reverse SSH solves this by having the server initiate an SSH connection back to your machine using the <code>-R</code> option, effectively creating a tunnel that forwards a port on the remote side of that connection (your machine) back to the server.

<code>-R [bind_address:]port:host:hostport</code>

Specifies that the given port on the remote (server) host should be forwarded to the given host and port on the local side, establishing a secure channel for each incoming connection.

How to Create a Reverse SSH Tunnel

The friend sitting on the remote server should run the following command on the server:

<code>ssh -fN -R 7000:localhost:22 username@yourMachine-ipaddress</code>

This ensures that any SSH connection to port 7000 on your machine is forwarded to port 22 on the remote server.

Now, from your machine, connect to the forwarded port:

<code>ssh username@localhost -p 7000</code>

The request appears to be local, but it is actually forwarded to the remote host, allowing you to log in with the remote server’s credentials.

To avoid needing a friend each time, set up a permanently reachable machine (e.g., <code>machine_z</code>) that can maintain the reverse SSH tunnel.

On <code>machine_z</code>, configure the following settings:

Set <code>TCPKeepAlive</code>, <code>ClientAliveInterval</code>, <code>ClientAliveCountMax</code>, and <code>GatewayPorts</code> to appropriate values in <code>/etc/ssh/sshd_config</code> or <code>/etc/sshd_config</code>.

Restart the <code>sshd</code> daemon after any changes.

Run the initial SSH command with <code>nohup</code> to keep the session alive after logout.
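A check for the four sshd_config keywords named above, as an added example that is not from the original article. The function names, the sample config and the rule that anything other than GatewayPorts no needs review are assumptions of this example; the fallback values are OpenSSH's documented defaults.

```shell
#!/bin/sh
# Added example (not from the original article). Reads only global settings:
# parsing stops at the first Match block. Fallbacks are OpenSSH's defaults.

# sshd_value FILE KEYWORD DEFAULT -> effective value, lower-cased.
# sshd keeps the first value it reads for a keyword; keywords are case-insensitive.
sshd_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == key { val = tolower($2); found = 1; exit }
        END { print (found ? val : def) }
    ' "$1"
}

# audit_tunnel_host FILE -> prints findings, returns 1 if anything needs review.
audit_tunnel_host() {
    rc=0
    gw=$(sshd_value "$1" GatewayPorts no)
    ka=$(sshd_value "$1" TCPKeepAlive yes)
    iv=$(sshd_value "$1" ClientAliveInterval 0)
    mx=$(sshd_value "$1" ClientAliveCountMax 3)
    echo "GatewayPorts=$gw TCPKeepAlive=$ka ClientAliveInterval=$iv ClientAliveCountMax=$mx"
    if [ "$gw" != "no" ]; then
        echo "REVIEW: -R ports can bind beyond loopback; firewall them on machine_z"
        rc=1
    fi
    case "$iv" in
        0) echo "REVIEW: no client-alive probes; a stale tunnel may keep holding its port"
           rc=1 ;;
        ""|*[!0-9]*) echo "REVIEW: ClientAliveInterval '$iv' is not plain seconds"
           rc=1 ;;
        *) echo "OK: unresponsive tunnel client is dropped after about $((iv * mx))s" ;;
    esac
    return "$rc"
}

# Constructed sample config for machine_z (values are illustrative assumptions).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample
TCPKeepAlive yes
ClientAliveInterval 30
ClientAliveCountMax 3
GatewayPorts yes
EOF
audit_tunnel_host "$sample" || echo "machine_z sshd_config needs review"
rm -f "$sample"
```

With GatewayPorts left at no, the forwarded port 7000 is bound to loopback on machine_z only, so the tunnel is reachable only by users already logged in there.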
