Reverse SSH connection

Imagine that you have a host (named A) somewhere that has no publicly reachable IP address but you would like to connect it via SSH. If this host A can reach outside, then you can reverse SSH into it. Here is the scenario;

Host A ( —  INTERNET —- Host C (

On host A, run the following command;

HostA#ssh -R 2025:localhost:22 usernameC@

Once you authenticate yourself, this opens a tunnel from Host C to Host A but
from port 2025 to 22. If you want to connect from Host C to Host B back you can simply run;

HostC#ssh -p 2025 usernameA@localhost

Can you see that as if you are connecting to localhost? but indeed connection is tunneled towards the Host A

About: rtoodtoo

Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN // JNCIE-SEC #223 / RHCE / PCNSE

You have a feedback?