0

I'm trying to figure out how to set up an ssh tunnel between client and two servers. I need client to connect to ServerB via ServerA.

These are the facts:

  • Client can connect to ServerA (via public IP).
  • Client cannot connect to ServerB.
  • ServerA cannot connect to ServerB. (Server is remotely separated from ServerA and behind NAT).
  • ServerB can connect to ServerA (via public IP).
  • Neither ServerA nor ServerB can connect to host. (Client does not have a public IP).

What would be the ssh command(s) to set it up exactly?

JohnyFailLab
  • You'll either need to allow inbound traffic to server B from server A, or build a reverse tunnel (where server B starts the connection to A and keeps it open). – Panki Mar 18 '22 at 13:10
  • @Panki Thanks for the feedback Panki. I'm actually having an issue with figuring out the ssh command(s) I would need to use to create such a tunnel. You might help me with that? – JohnyFailLab Mar 18 '22 at 13:18
  • As I understand it, it is not possible with a single command. You'll have to 1) build a reverse tunnel from B to A 2) connect to A from client and use the tunnel. This question is a good starting point. – Panki Mar 18 '22 at 13:27

2 Answers

0

You'd connect client to server A, server B to server A, and tunnel via server A.

On client:

ssh -L 2200:127.0.0.1:2200 user@serverA

On server B:

ssh -R 2200:127.0.0.1:22 user@serverA

Then to SSH from client to server B, you'd simply run (from the client):

ssh -p 2200 user@127.0.0.1

Ron
  • Thanks Ron. I actually already figured it out, however. At least thanks to your feedback I know it's the right way to do it. :) – JohnyFailLab Mar 19 '22 at 16:22
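A check for the listener that the `-R 2200:...` reverse tunnel opens on ServerA, added here as an example and not part of the answer above: it reads `ss -ltn` output and reports whether the forwarded port is bound to loopback only or to other interfaces. The function name `tunnel_exposure` is hypothetical and the sample lines are constructed.

```shell
#!/bin/sh
# Added example: classify how a reverse-tunnel port is bound on ServerA.
# Input on stdin: `ss -ltn` lines (State Recv-Q Send-Q Local:Port Peer:Port).

# tunnel_exposure PORT -> prints "loopback", "exposed" or "absent"
tunnel_exposure() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")        # last field is the port
            if (parts[n] != port) next
            # Everything before the final ":port" is the bind address.
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            if (host == "127.0.0.1" || host == "[::1]") loop = 1
            else wide = 1                      # 0.0.0.0, *, [::], or a real IP
        }
        END {
            if (wide)      print "exposed"
            else if (loop) print "loopback"
            else           print "absent"
        }'
}

# Constructed sample: default sshd behaviour, tunnel bound to loopback.
SAMPLE_SAFE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    127.0.0.1:2200     0.0.0.0:*
LISTEN 0      128    [::1]:2200         [::]:*'

# Constructed sample: tunnel port bound to every interface.
SAMPLE_OPEN='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    0.0.0.0:2200       0.0.0.0:*'

printf 'safe sample: %s\n' "$(printf '%s\n' "$SAMPLE_SAFE" | tunnel_exposure 2200)"
printf 'open sample: %s\n' "$(printf '%s\n' "$SAMPLE_OPEN" | tunnel_exposure 2200)"

# On a live ServerA:  ss -ltn | tunnel_exposure 2200
```

`exposed` means ServerB's sshd is reachable through ServerA's other interfaces, which sshd only permits when `GatewayPorts` is enabled in its configuration.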
0

This is how I figured it out.

On Client:
ssh -A user@ServerB

On ServerB:
ssh -N -R 44444:localhost:22 user@ServerA -p 2222

-p 2222: in my case the SSH server is not listening on the default port 22.

On Client:
ssh user@localhost -p 44444

JohnyFailLab