LinuxQuestions.org
Old 06-27-2015, 01:26 PM   #1
nicedreams
Member
 
Registered: Jun 2003
Location: Phoenix, AZ
Posts: 112

Rep: Reputation: 17
Reverse SSH and RDP/xRDP issues.


I've set up a Linux box at Work and am trying to remote into it from Home using reverse SSH.

I've been reading a lot from Google searches and spent over 12 hours trying to do this, but can't figure it out. I don't know where my misunderstanding is coming from. Very good articles out there, but haven't worked for me or I'm doing it wrong.

My Setup - Test Environment

Home Network
WAN: 77.105.111.111 (Fake WAN for this post)
192.168.2.91 - Linux Server with SSH/xRDP (Call it middleman?)
192.168.2.100 - Windows Desktop

Work Network
WAN: 66.105.222.222 (Fake WAN for this post)
192.168.40.10 - Windows host with Virtualbox
192.168.40.146 - Debian 8 in Virtualbox from Windows Host

I have Debian 8 (192.168.40.146) installed on the Work Network on Virtualbox from a Windows Host. Later will use a Raspberry Pi at Work instead of VirtualBox once this is figured out.

On the Home Network I have port 22 forwarded to 192.168.2.91 (Linux SSH Server) on my router. Username on both Linux boxes is Ken. I've created SSH keys for no password login with Ken. Tested and working fine.

What I've done so far is do this on the Work Network Linux box (192.168.40.146):

ssh -R 2222:localhost:22 ken@77.105.111.111

Then at Home I use Putty to ssh into Linux SSH Server (192.168.2.91) from my home Windows desktop which is 192.168.2.100. My Home Linux SSH Server is the middleman from my understanding. Once I've used Putty to SSH into 192.168.2.91 I run the command:

ssh -l ken -p 2222 localhost

Then I'm prompted for password of Ken at Work and I'm reversed in with SSH.

Now this is fine. I can type shell commands on the Work Linux box now and do like ifconfig and stuff. Now I want to either RDP into my Work Windows computer or xRDP into the Work Linux virtualbox so I have a desktop. RDP and xRDP work fine locally while I'm at work.

I can't for the life of me get RDP or xRDP to work after doing the SSH reversal.

The way I'm understanding this, I need to create the reverse tunnel so I can reverse a connection from work to home to get around the work firewall. After that I want to RDP into my Work Windows computer. I haven't been able to do this so I installed XFCE and xRDP on the Work Linux virtualbox. Still can't get into Work Windows RDP or Linux xRDP. I've been using xRDP instead of straight up VNC for years now with no issue to get to my Linux desktops (not with reverse SSH yet).

So what I did next was think, okay I have a connection to my work computer at home with SSH so I'll create another tunnel from work to home.

ssh -L 33389:localhost:3389 ken@77.105.111.111

This gives no error from the Work Linux virtualbox so I'm thinking good to go. Then from my Home Windows Putty login to my SSH box I try:

ssh -l ken -p 33389 localhost
OR
ssh -l ken -p 3389 localhost

and it goes to the next line, but doesn't ask for a login like if I used 2222 and seems stuck unless I ctrl+c.

I'm thinking maybe it's working, maybe not giving me the shell prompt because it's doing the tunnel. Back on Home Windows box (192.168.2.100) I've tried all the Putty settings for local/remote in SSH/Tunnels section, but doesn't work.

So I xRDP into my Home Linux SSH server (192.168.2.91) from my Home Windows box so I have an XFCE desktop. I try to rdesktop localhost:3389 and I've tried rdesktop localhost:33389 but no go.

I've tried all sorts of combinations from the Work Linux box (192.168.40.146), but none of them seem to work for me.

Examples I've tried:
ssh -R 33389:192.168.40.10:3389 ken@77.105.111.111
ssh -R 33389:192.168.40.146:3389 ken@77.105.111.111
ssh -R 33389:localhost:3389 ken@77.105.111.111
ssh -R 22333:192.168.40.10:3389 ken@77.105.111.111
ssh -L 33389:192.168.40.10:3389 ken@77.105.111.111
ssh -L 33389:localhost:3389 ken@77.105.111.111

No errors doing any of this from Work Linux box. Doesn't help at all when I'm at Home though.

I hope I've explained this where it makes sense. Spent so much time on this I'm going brain dead.

Please someone help me.
 
Old 06-28-2015, 08:35 AM   #2
allend
LQ 5k Club
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware64-15.0
Posts: 6,375

Rep: Reputation: 2754
The first step will be to get the Debian 8 install to port forward an incoming port (say 3390) to the RDP port 3389 on the Work Windows host @192.168.40.10.
Then, when you connect from your home Linux server @192.168.2.91 use
Code:
ssh -l ken -p 2222 -L3390:192.168.40.10:3389 localhost
so that the port 3390 is forwarded by the Debian 8 install to the Work Windows host.
You can test whether this is working by running, on the home Linux server, something like
Code:
rdesktop -g80% -xb -u<username on Work Windows host>  localhost:3390
I do not use Putty, so extending this to go from Home Windows to Work Windows, I will have to leave to you.
 
Old 06-28-2015, 09:32 AM   #3
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142
There are two kinds of forwarding, local and remote. "Local" vs "remote" and "forward" vs "reverse" names are always confusing to me, so I prefer to think of it like this:

Set up a local listening port (compA = machine initiating the connection):
"This is how I'm going to connect to you"
Code:
ssh -L compAport:compB:compBport user@compB
then from compA, connect to compA:compAport to be forwarded to compB:compBport

Set up a remote listening port (reverse tunnel) (compA = machine initiating the connection):
"This is how you can connect to me"
Code:
ssh -R compBport:compA:compAport user@compB
then from compB, connect to compB:compBport to be forwarded to compA:compAport

Since your work machine is behind a firewall, and your work machine is what you want to connect to, it's going to have to be a reverse tunnel initiated from the work computer, where compAport in the command above is 3389. That will connect a port of your choosing on your home computer directly to 3389 on your Windows machine at work. Something like the following should work:

On your Windows machine at work:
Code:
ssh -R 9999:127.0.0.1:3389 user@77.105.111.111
Then from your home Linux machine (the one you accessed with user@77.105.111.111 above):
Code:
rdesktop localhost:9999
Or from your home Windows machine:
Code:
rdesktop 192.168.2.91:9999
Provided you have GatewayPorts set to yes in sshd_config on the Linux machine and port 9999 opened up in the firewall on the Linux machine.

Last edited by suicidaleggroll; 06-28-2015 at 09:39 AM.
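
Added example, not part of any post in this thread: a small Python model of the -L / -R semantics described above, run over three commands from the first post. The machine labels `work-debian` and `home-linux` are names chosen here, and IPv6 bracketed addresses are not handled.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Forward:
    listen_on: str    # machine that opens the listening socket
    listen_addr: str  # address that socket binds to
    listen_port: int
    dial_from: str    # machine that makes the final TCP connection
    dest_host: str    # resolved from dial_from's point of view
    dest_port: int


def explain(flag, spec, client, server, gateway_ports=False):
    """Model one ssh forward. spec is [bind_address:]port:host:hostport.

    client runs ssh, server runs sshd. gateway_ports models
    "GatewayPorts yes" in the server's sshd_config (affects -R only).
    """
    parts = spec.split(":")
    if len(parts) == 3:
        bind, (port, host, hostport) = None, parts
    elif len(parts) == 4:
        bind, port, host, hostport = parts
    else:
        raise ValueError(f"unsupported forward spec: {spec!r}")
    if flag == "-L":
        # Listener on the ssh client; the sshd side dials the destination.
        listen_on, dial_from = client, server
        if bind is None:
            addr = "127.0.0.1"
        else:
            addr = "0.0.0.0" if bind in ("", "*") else bind
    elif flag == "-R":
        # Listener on the sshd side; the ssh client dials the destination.
        listen_on, dial_from = server, client
        # sshd binds remote forwards to loopback unless GatewayPorts is on.
        addr = "0.0.0.0" if gateway_ports else "127.0.0.1"
    else:
        raise ValueError(f"expected -L or -R, got {flag!r}")
    return Forward(listen_on, addr, int(port), dial_from, host, int(hostport))


def describe(fwd):
    return (f"connect on {fwd.listen_on} to {fwd.listen_addr}:{fwd.listen_port}"
            f" -> {fwd.dial_from} dials {fwd.dest_host}:{fwd.dest_port}")


# Commands from the first post, all run on the work Debian VM towards home.
ATTEMPTS = [("-R", "2222:localhost:22"),
            ("-L", "33389:localhost:3389"),
            ("-R", "33389:192.168.40.10:3389")]

if __name__ == "__main__":
    for flag, spec in ATTEMPTS:
        print(flag, spec, "=>",
              describe(explain(flag, spec, "work-debian", "home-linux")))
```

The second line of output shows why the -L attempt produced nothing usable at home: its listener is on the work VM and its destination is port 3389 on the home server.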
 
Old 06-29-2015, 04:31 PM   #4
nicedreams
Member
 
Registered: Jun 2003
Location: Phoenix, AZ
Posts: 112

Original Poster
Rep: Reputation: 17
Sorry, busy weekend and couldn't try this out.

Thanks a lot for the write up. Based on what you wrote, am I doing this in the correct order? There are 2 ways I have tried but going to list the way I've tried the most first. Names are examples.

1) From Windows work computer with Virtualbox/Debian type == ssh -R 2222:localhost:22 ken@homeipaddress.com (where my linux ssh server is.) This brings me to a prompt with ken@homelinuxserver so I know I'm in.

2) When I get home, I get on my Windows desktop and use Putty to ssh into my home linux ssh server (ken@homelinuxserver).

3) Once Putty'd into my homelinuxserver I type == ssh -l ken -p 2222 localhost this lets me back into the work Virtual/Debian with prompt ken@worklinux-vbox and can run commands just fine.

4) So I have a reverse ssh back to work from home. I'm hoping this is what opens up a portal beyond SSH or something back to my work network? I've added in custom gateway line and other forwarding to ssh_config file on both linux boxes.

5) Then from my home Windows desktop I change the Putty settings in "Tunnels" with Source port: 33389 and Destination: 192.168.40.10:3389 (Work Windows Desktop) and set to Remote. (Now I've tried different combinations after all this with Remote and Local and different ports.)

6) I then from home Windows desktop with Putty window and ssh'd back to ken@worklinux-box I run command == ssh -L 33389:192.168.40.10:3389 ken@homelinuxserver

7) The Putty window freezes and I have to kill Putty each time. I use TeamViewer to remote into my Work Windows Desktop to check Virtualbox/Debian and it's doing fine still running the reverse ssh to my home logged in. So run the ssh -L 33389:192.168.40.10:3389 ken@homelinuxserver and then open Putty back up on home Windows computer, SSH back into work with reverse hoping that opens a portal/gateway again and then....

8) I open MSTSC and type in localhost and nothing. I've tried 127.0.0.2, but that keeps looping back to my Windows computer. I've tried localhost:33389 and it times out. It seems like it wants to work because when I have the remote/local settings changed in Putty tunnel config, when I run MSTSC then localhost it says I'm already remoted into my Windows machine so I know localhost is actually localhost and not localhost forwarded from linuxbox.

8a) I've also done ssh -R 33389:localhost:3389 ken@homelinuxserver from work Virtualbox/Debian and then from home I would login to the actual home linux ssh server using XFCE then trying rdesktop localhost or rdesktop 127.0.0.1 and other combinations, but that doesn't work either.

I hope I've explained this where you understand my misunderstanding and can help.
 
Old 06-29-2015, 06:14 PM   #5
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142
Your first tunnel connects port 2222 on your home Linux machine to port 22 on your work Windows machine. This tunnel can only be used for ssh connections since it only connects to port 22 on the Windows machine. It does not connect to port 3389 on the Windows machine, so it cannot be used for remote desktop or any other services.

If your goal is to be able to ssh into the Windows machine from home, then steps 1-3 are correct. If your goal is to be able to rdesktop into the Windows machine from home, then steps 1-3 are completely irrelevant and unnecessary.

Since you never set up a tunnel to port 3389 on the Windows machine, steps 5-8 will of course all fail.

Step 8a is correct, all you need to do then is connect to localhost:33389 with your rdesktop command on your home Linux machine. If you want to rdesktop from your home Windows machine, you have two options:
1) Turn on GatewayPorts on your linux box and open a hole in the firewall for port 33389, then rdesktop to 192.168.2.91:33389 from your Windows machine
2) Open an ssh tunnel using Putty to connect some random port of your choosing to port 33389 on the linux machine, then rdesktop to localhost:yourrandomport from your Windows machine
 
Old 06-30-2015, 07:17 PM   #6
nicedreams
Member
 
Registered: Jun 2003
Location: Phoenix, AZ
Posts: 112

Original Poster
Rep: Reputation: 17
This is awesome. Been able to get part of this to work. This is how it's working for me so far, but want to get it working within Windows.

At work I run this command from Virtualbox/Debian: Tried 2 ways (Did not run these at same time. Tested 1) and then 2).

1) ssh -R 33389:localhost:3389 ken@homeipaddress -- Lets me rdesktop localhost:33389 into the Virtualbox/Debian XFCE desktop at work.

2) ssh -R 33389:192.168.40.10:3389 ken@homeipaddress -- Lets me rdesktop localhost:33389 into the Windows Desktop at work.

So at home from my Windows desktop I use RDP Remote Desktop to get into my Linux SSH server's desktop that has XFCE through xRDP.
I can run: rdesktop localhost:33389 and RDP into the Work Virtualbox/Debian(localhost:3389) or WindowsDesktop(192.168.40.10:3389) and works great.

This is great as you have helped me get this far and loving it. Learned a lot. Now that it's working from Linux to Linux, how can I get this to work with Windows? Right now I have to remote into my Linux SSH Server to be able to "rdesktop" back into Work computers. How can I use Putty so I can use my Home Windows Desktop to RDP back into work without having to be at my Linux SSH Server at home?

I've tried the tunnel settings, but I must have something wrong. Do you use Putty by chance?

Another question, is there a way to wildcard the work subnet so I can forward whatever traffic I want back to work or do I have to provide each port and type ssh -R 33389:192.168.40.10:3389 ken@homeipaddress and change the IP:Port each connection?
 
Old 06-30-2015, 07:53 PM   #7
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142
Please see #1 and #2 in my previous post about using the tunnel to rdesktop from your Windows machine.
 
Old 06-30-2015, 08:37 PM   #8
nicedreams
Member
 
Registered: Jun 2003
Location: Phoenix, AZ
Posts: 112

Original Poster
Rep: Reputation: 17
I figured out how to use Putty and Windows RDP.

Ran this from work Virtualbox/Debian: ssh -R 33389:192.168.40.10:3389 ken@homeipaddress

From home, I configured Putty like below from my Windows Desktop:
- Session - IP address of middleman SSH server (192.168.20.50)
- Connection - SSH - Enable Compression
- Connection - SSH - Tunnels
Leave both unchecked at top.
Source port: 3333
Destination: localhost:33389
Select Local

Saved and pressed connect to my home Linux SSH server with Putty from my home Windows Desktop.

Opened Windows Remote Desktop (mstsc) and used localhost:3333 and was able to get into my work Windows Desktop on 192.168.40.10.

WOOOOOOOOOOT!

Thanks for the help.
 
Old 06-30-2015, 08:45 PM   #9
nicedreams
Member
 
Registered: Jun 2003
Location: Phoenix, AZ
Posts: 112

Original Poster
Rep: Reputation: 17
How can I wildcard this and use something like ssh -R *:*:* ken@homeipaddress to use whatever I wanted at work almost like a VPN without specifying each IP:Port?

Or do I have to do something like below for each IP I want to connect to?

ssh -R 2222:localhost:22 ken@homeipaddress (work linuxbox)
ssh -R 33389:192.168.40.10:3389 ken@homeipaddress (work windowsbox)

Which I think will give me Remote Desktop and SSH in the same command line. I'd like to be able to get access to another computer like 192.168.40.9:3389 and others without specifying a line for each if possible. Open up the entire work local subnet to my home desktop like a VPN.
 
Old 07-02-2015, 08:07 AM   #10
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142
Quote:
Originally Posted by nicedreams View Post
How can I wildcard this and use something like ssh -R *:*:* ken@homeipaddress to use whatever I wanted at work almost like a VPN without specifying each IP:Port?
I don't believe you can, that's not how tunneling works

Quote:
Originally Posted by nicedreams View Post
Or do I have to do something like below for each IP I want to connect to?

ssh -R 2222:localhost:22 ken@homeipaddress (work linuxbox)
ssh -R 33389:192.168.40.10:3389 ken@homeipaddress (work windowsbox)
Yes, you need a separate tunnel for each port on each machine. A tunnel connects a specific port on one machine to a specific port on another machine. If you want to change anything on either side, you need a separate tunnel.



FYI - opening up reverse tunnels between work and your home is a violation of many company policies. It can even be a fireable offence, because it bypasses the company firewall and can open up internal resources to insecure machines. You should verify this is alright with your IT department before going any further.
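
Added example, not part of the post above: on the machine running sshd, remote forwards appear as extra listening sockets owned by sshd, and the bind address shows whether GatewayPorts has exposed them beyond loopback. The Python below flags them in `ss -H -tlnp` output; the sample lines are constructed, and matching process names that start with `sshd` is an assumption about how the local OpenSSH build names its processes.

```python
import re

# Constructed sample of `ss -H -tlnp` output (run as root so the
# process column is populated). PIDs and queue sizes are made up.
SAMPLE_SS = """\
LISTEN 0 128   0.0.0.0:22     0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 128      [::]:22        [::]:* users:(("sshd",pid=812,fd=4))
LISTEN 0 128 127.0.0.1:33389  0.0.0.0:* users:(("sshd",pid=4312,fd=9))
LISTEN 0 128   0.0.0.0:9999   0.0.0.0:* users:(("sshd",pid=4400,fd=9))
LISTEN 0 5   127.0.0.1:631    0.0.0.0:* users:(("cupsd",pid=700,fd=7))
"""

PROC_RE = re.compile(r'\(\("([^"]+)",pid=(\d+)')
LOOPBACK = {"127.0.0.1", "[::1]"}


def forwarded_listeners(ss_output, sshd_ports=(22,)):
    """Return sshd-owned listeners that are not sshd's own service port.

    Each finding records whether the socket is reachable only from the
    host itself ("loopback") or from other machines ("network").
    """
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] != "LISTEN":
            continue  # header, blank line, or no process info
        proc = PROC_RE.search(" ".join(fields[5:]))
        if not proc or not proc.group(1).startswith("sshd"):
            continue
        addr, _, port = fields[3].rpartition(":")
        if int(port) in sshd_ports:
            continue  # the daemon's normal listening port
        findings.append({
            "port": int(port),
            "bind": addr,
            "exposure": "loopback" if addr in LOOPBACK else "network",
            "pid": int(proc.group(2)),
        })
    return findings


if __name__ == "__main__":
    for f in forwarded_listeners(SAMPLE_SS):
        print(f"sshd pid {f['pid']} forwards port {f['port']} "
              f"bound to {f['bind']} ({f['exposure']})")
```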
 
Old 07-02-2015, 09:31 AM   #11
allend
LQ 5k Club
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware64-15.0
Posts: 6,375

Rep: Reputation: 2754
Quote:
How can I wildcard this and use something like ssh -R *:*:* ken@homeipaddress to use whatever I wanted at work almost like a VPN without specifying each IP:Port?
If you set up port forwarding (port 3390 to port 3389 at 192.168.40.10 and port 3391 to port 3389 at 192.168.40.9) on your Debian 8 install, then a single tunnel from your Debian 8 install to your home Linux server could be used to connect to multiple Windows PCs in the work intranet.
You are setting up the tunnel from work with
Code:
ssh -R 2222:localhost:22 ken@homeipaddress
With port forwarding in place, then you can connect back to work using the command (run on the home Linux server)
Code:
ssh -p2222 -L3390:192.168.40.10:3389 -L3391:192.168.40.9:3389 ken@localhost
With the home to work connection in place, you can connect via port 3390 to the work Windows PC at 192.168.40.10 and connect via port 3391 to the work Windows PC at 192.168.40.9
 
Old 07-02-2015, 10:31 AM   #12
nicedreams
Member
 
Registered: Jun 2003
Location: Phoenix, AZ
Posts: 112

Original Poster
Rep: Reputation: 17
@suicidaleggroll - Good thing is I am the I.T. I'm doing it to learn how this works. I'm not good at reading text and understanding things too much unless I put it into practice to see how it works and tearing it apart at the same time.

@allend - Thanks for the info. Since can't do a wildcard I'll have to Reverse SSH on port 2222/22 to get back into work and then start new tunnels for RDP or whatever else if needed. Have autossh running now and haven't dropped a connection yet. Had to change the ssh timeout which was giving issues.

I'm hoping this post might help me out better since now I have the reverse ssh with different ports working other than 2222/22.
http://toic.org/blog/2009/reverse-ss.../#.VZVX_kY_dDA

Thanks everyone for the help.

I should have posted this reference in my first post, but this site helped me with the initial understanding and maybe it can help someone else.
http://www.tunnelsup.com/raspberry-p...ote-ssh-tunnel
 
  

