Old 07-05-2010, 01:14 PM   #1
SSHing to a box behind a NAT. (almost there)

Hi, I have a Linux box ('remoteserver') behind a NAT. Remoteserver connects to ('gatewayserver'), which has a public IP address and can be accessed anywhere in the world. I want to ssh into remoteserver from anywhere in the world using my 'clientpc'.

clientpc --> internet --> gatewayserver (w/ public ip address) --> remoteserver (only accessible from devices on the same local network, like gatewayserver).

My constraints are as follows:
*)I have absolutely no access to the NAT router or firewall that sits on top of gatewayserver and remoteserver.
*)Gatewayserver is running an ssh server that is accessible from the internet. I have a standard user account to this ssh on gatewayserver, but no root or sudo access.
*)Remoteserver has an ssh server that is accessible only from devices on the local network (like gatewayserver). I have root access to remoteserver and want to ssh into this, but must do it through gatewayserver.

My solution: use openssh reverse tunnelling/port forwarding. The command I run on remoteserver is this:

remoteserver$ ssh -R 9999:localhost:22 gatewayuser@gatewayserver

This command forwards any activity on port 9999 on gatewayserver's loopback server and forwards it to port 22 on remoteserver. THIS WORKS. All I need to do to take advantage of this method to access remoteserver is this:

clientpc$ ssh gatewayuser@gatewayserver
gatewayuser@gatewayserver$ ssh -p 9999 localhost

I am perfectly happy with this method, but I was wondering if I could reduce this to one ssh command. After some internet searching, I found that it is indeed possible if the sshd on gatewayserver has option GatewayPorts Yes in the sshd_config file. What GatewayPorts does (if allowed) is let machines like clientpc (and other machines on the internet like clientpc1, clientpc2, clientpc3) connect to the forwarded port like 9999 above. This means if one were to run nmap on gatewayserver, they would find port 9999 open. If GatewayPorts were forwarded, on client machine I could run the following command and access remote machine in one step:

First, set up the reverse tunnel from gatewayserver --> remoteserver:

remoteuser@remoteserver$ ssh -R *:9999:localhost:22 -g gatewayuser@gatewayserver

Then to clientpc-->gatewayserver-->remoteserver, I could:

clientpc$ ssh remoteuser@gatewayserver -p 9999

and in theory I would connect automatically through gatewayserver into remoteserver.

The Problem:

After running

remoteuser@remoteserver$ ssh -R *:9999:localhost:22 -g gatewayuser@gatewayserver

if I log into gatewayserver and run

gatewayuser@gatewayserver$ netstat -l

the following shows for port 9999:

tcp 0 localhost:9999 listen.

when I want it to look like:

tcp 0 *:9999 listen

What this means:
On gatewayserver, in sshd_config, GatewayPorts is defaulted to off and the sysadmin didn't turn it on. I don't know the sysadmin to ask to have it turned on either. So my question is, is there a way to bind a public port to a localhost port, because if there were, then I could bind, say, public port 9999 to gatewayserver's loopback server port 9999 which would then go to remoteserver port 22 because of the reverse ssh tunnel I set up.

So to recap because I probably gave more info than was needed, I'm looking for a way to open a public port and bind it to a port on loopback server, doing this without root access, but with a user account. Is this possible?

Thank you guys for being there when we need you!
If any of this was unclear, please ask!


Last edited by unraisedarc; 07-05-2010 at 01:16 PM. Reason: clarity
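The netstat check in the post is the right way to tell whether a forwarded port is reachable only on the loopback interface or from the whole internet. As an added example (not from the thread), the shell function below classifies the listening socket for a given port from `netstat -lnt`-style output; the sample lines it runs on are constructed, not captured from a real gatewayserver:

```shell
#!/bin/sh
# Added example: classify how a forwarded port is bound on gatewayserver,
# from `netstat -lnt`-style output (Proto Recv-Q Send-Q Local Foreign State).
# 127.0.0.1 / ::1 / localhost means loopback-only (GatewayPorts off);
# 0.0.0.0 / :: / * means the port is reachable from every interface.

# Constructed sample output (not from a real host).
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:9999          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::50000                :::*                    LISTEN
tcp6       0      0 ::1:8080                :::*                    LISTEN'

# Usage: printf '%s\n' "$lines" | listen_scope PORT
# Prints one of: loopback | all-interfaces | interface:<addr> | not-listening
listen_scope() {
    port="$1"
    awk -v port="$port" '
        $NF != "LISTEN" { next }              # only listening sockets
        {
            addr = $4
            n = split(addr, parts, ":")       # the port follows the last colon
            if (parts[n] != port) next
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            if (host == "127.0.0.1" || host == "::1" || host == "localhost") {
                print "loopback"; found = 1; exit
            }
            if (host == "0.0.0.0" || host == "::" || host == "*" || host == "") {
                print "all-interfaces"; found = 1; exit
            }
            print "interface:" host; found = 1; exit
        }
        END { if (!found) print "not-listening" }
    '
}

# Stand-alone run: the reverse-tunnel port from the post is loopback-only.
printf '%s\n' "$SAMPLE_NETSTAT" | listen_scope 9999
```

On a live gatewayserver, pipe `netstat -lnt` into `listen_scope 9999`; if the answer is anything but `loopback`, the tunnel endpoint is exposed beyond the gateway itself.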
Old 07-05-2010, 03:27 PM   #2
Original Poster
Scratch the reverse tunnel method. I think I can do it the following way. I am able to bind all incoming tcp6 requests on gatewayserver port 50000 to remoteserver port 22, with this command:

gatewayuser@gatewayserver$ ssh -L [::]:50000:localhost:22 remoteuser@remoteserver

gatewayuser@gatewayserver$ netstat -l
tcp6 [::]:50000 [::]:* LISTEN

How would I force ssh to use IPv6 when on clientpc?
Old 07-06-2010, 08:25 PM   #3
Can't you just call another ssh session from the gateway account? This can all happen on the 1 command line from the client PC:

clientpc$ ssh -tt gatewayuser@gatewayserver ssh remoteuser@remoteserver

Use public key authentication for both ssh sessions so no passwords are going over the internet.

Your 2nd question (How would I force ssh to use IPv6 when on clientpc?): just set up ~/.ssh/config on the clientpc as follows; you can also specify gatewayuser to avoid having to specify this on the command line:
host gatewayserver
hostname <ipv6 address>
user gatewayuser

Last edited by simon.sweetman; 07-06-2010 at 08:33 PM.
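A client-side ssh config can also collapse both hops into one `ssh remoteserver` while reusing the loopback-only reverse tunnel from the first post, so nothing extra is exposed on gatewayserver and GatewayPorts is never needed. The script below is an added example, not from the thread or from OpenSSH's documentation: the host name gatewayserver.example.org, the key file paths and the `HostKeyAlias` value are assumptions, and it assumes remoteserver keeps `ssh -R 9999:localhost:22 gatewayuser@gatewayserver` running as described in the first post. `ProxyJump` needs OpenSSH 7.3 or newer on clientpc; on older clients replace that line with `ProxyCommand ssh -W %h:%p gatewayserver`.

```shell
#!/bin/sh
# Added example (not from the thread): a clientpc ~/.ssh/config that reaches
# remoteserver through gatewayserver in one command, via the loopback-only
# -R 9999 tunnel. Names, addresses and key paths below are assumptions.

# Print the config stanza; redirect into ~/.ssh/config (or a test file).
gen_client_config() {
    cat <<'EOF'
# First hop: the publicly reachable gateway (plain user account, no root).
Host gatewayserver
    HostName gatewayserver.example.org
    User gatewayuser
    IdentityFile ~/.ssh/id_gateway
    IdentitiesOnly yes

# Second hop: remoteserver, reached through the reverse tunnel that
# remoteserver keeps open with "ssh -R 9999:localhost:22 gatewayuser@gatewayserver".
# localhost:9999 is resolved on gatewayserver, where the -R listener lives,
# so the listener can stay bound to loopback and no public port is opened.
# HostKeyAlias stores remoteserver's host key under its own name instead of
# "[localhost]:9999", so a later tunnel on the same port cannot be confused with it.
Host remoteserver
    HostName localhost
    Port 9999
    User remoteuser
    ProxyJump gatewayserver
    HostKeyAlias remoteserver
    IdentityFile ~/.ssh/id_remote
    IdentitiesOnly yes
EOF
}

# Show the options ssh would apply for "ssh remoteserver" without connecting
# (ssh -G, OpenSSH 6.8+). Prints nothing if ssh is not installed.
effective_jump() {
    cfg="$1"
    command -v ssh >/dev/null 2>&1 || return 0
    ssh -G -F "$cfg" remoteserver 2>/dev/null \
        | grep -Ei '^(hostname|port|user|proxyjump|hostkeyalias) ' || true
}

# Stand-alone run: write the stanza to a temp file and show the effective settings.
tmp_cfg=$(mktemp)
gen_client_config > "$tmp_cfg"
effective_jump "$tmp_cfg"
```

With this in place, `clientpc$ ssh remoteserver` authenticates to gatewayserver with id_gateway, opens a channel to localhost:9999 on gatewayserver, and then authenticates to remoteserver's sshd with id_remote; `IdentitiesOnly yes` keeps the client from offering every key in the agent to either host.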