Reverse SSH connection

Imagine that you have a host (named A) that has no publicly reachable IP address, but you would like to connect to it via SSH. If Host A can reach the outside, you can reverse SSH into it. Here is the scenario:

Host A (192.168.1.1) --- INTERNET --- Host C (10.10.10.1)

On Host A, run the following command:

HostA# ssh -R 2025:localhost:22 usernameC@10.10.10.1

Once you authenticate, this opens a tunnel from port 2025 on Host C to port 22 on Host A. To connect back from Host C to Host A, simply run:

HostC# ssh -p 2025 usernameA@localhost

It looks as if you are connecting to localhost, but the connection is actually tunneled to Host A.
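Whether Host C accepts the `-R 2025:localhost:22` request, and whether port 2025 stays on loopback, depends on three sshd settings on Host C: AllowTcpForwarding, PermitListen and GatewayPorts. The following check is an added example, not part of the original post; the function name `audit_remote_forward` and the sample input are assumptions made for illustration.

```shell
# Added example: classify how sshd on Host C would treat `ssh -R <port>:...`.
# Reads "keyword value" lines on stdin, the form printed by `sshd -T`.
# The body runs in a subshell so `set -f` and the variables stay local.
audit_remote_forward() (
    port="$1"
    # OpenSSH defaults, used when a keyword is absent from the input
    fwd="yes"; gw="no"; listen="any"
    while read -r key val; do
        case "$key" in
            allowtcpforwarding) fwd="$val" ;;
            gatewayports)       gw="$val" ;;
            permitlisten)       listen="$val" ;;
        esac
    done

    # -R is only honoured when remote forwarding is enabled
    case "$fwd" in
        yes|all|remote) ;;
        *) echo "blocked: allowtcpforwarding=$fwd"; return 0 ;;
    esac

    # PermitListen takes "port" or "host:port" entries, or any / none.
    # Simplification: the host part of an entry is not evaluated here.
    if [ "$listen" != "any" ]; then
        set -f   # keep a literal "*" entry from globbing
        ok=0
        for spec in $listen; do
            case "$spec" in
                "$port"|*:"$port"|"*"|*:"*") ok=1 ;;
            esac
        done
        if [ "$ok" -eq 0 ]; then
            echo "blocked: permitlisten=$listen"; return 0
        fi
    fi

    # GatewayPorts decides whether the listener can leave loopback
    case "$gw" in
        no) echo "loopback-only: port $port is reachable from Host C only" ;;
        *)  echo "exposed: gatewayports=$gw allows port $port beyond loopback" ;;
    esac
)

# Constructed sample of `sshd -T` output (not captured from a real host)
printf '%s\n' "allowtcpforwarding yes" "gatewayports no" "permitlisten any" |
    audit_remote_forward 2025
```

On Host C the real input would come from `sshd -T`, run as root.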

About: rtoodtoo

Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN // JNCIE-SEC #223 / RHCE / PCNSE

