Objective: I want to access my internal website from home so I can do work.
Computers involved:
- sharms-desktop: My home desktop
- sharms-server: Server at work with an External IP that allows port 22 to connect to it
- sharms-webdev: Server at work with the webpage I need to work on
How to do it
This is actually super easy. All we need to do is create an “ssh tunnel” that will allow us to go from sharms-desktop to sharms-server to sharms-webdev. I made a pretty picture to illustrate:
And now the goods, here is exactly what I type, and thats it:
sharms-desktop ~# ssh -N -f -L 10001:sharms-webdev:443 sharms@sharms-server
Now when I point my browser to https://localhost:10001 I am actually seeing the page as if I were on the lan at https://sharms-webdev. Change port 443 to 80 if you are not using ssl. Also the -N means we don’t actually want to open up a new ssh session to run commands, -f means go ahead and run in the background, and the -L lets you specify the tunnel parameters.
Related posts:
#1 by Dave Barry on May 27, 2008 - 5:58 pm
Quote
Better yet, run something like tinyproxy on sharms-server in addition to the above setup, then do
ssh -N -f -L 3389:sharms-server:3389
(assuming tinyproxy is listening on 3389.
Then configure the browser on sharms-desktop to use a proxy on localhost:3389. Then you can not only access sharms-webdev, but any machine on the internal work network.
#2 by Alphager on May 28, 2008 - 5:54 am
Quote
Even better would be using the feature “dynamic tunnel” which is build-in to ssh
http://linux.byexamples.com/archives/115/ssh-dynamic-tunneling/