The magic of SSH port forwarding
June 15th, 2007 by Marcos
The problem - your department’s network won’t let you ssh or connect directly to your work Mac, you can only ssh to one special computer, and then from there you can ssh to your Mac. But, you’d like to be able to use Apple file sharing or sftp directly to your work Mac.
Well, SSH Tunneling (Port Forwarding)[sic] is a great, clear explanation of how to use SSH tunneling to connect directly to an ssh-enabled machine that doesn’t allow ssh connections from people offsite/off-campus, etc. It shows how, even when you can only access the work machine through the “gateway” machine (a situation I face here at UF), you can set up an ssh tunnel through the gateway machine to access your work machine directly.
The best part about this? I can now use sftp (specifically Fugu and its ability to edit external text files in TextWrangler) on my work quad-core Mac from home. I always knew this sort of thing was possible but … now at last I’ve figured out how to do it!
Update: Oh, it gets so much better. In addition to using port 22 to forward ssh to your work machine, you can also forward port 548 (appleshare).
So, a variation on the tip from the site would be like so, where work is the Mac on your desk that has ssh and appleshare running (actually, for this tip your Mac need only be running file sharing, not ssh) and gateway is the one machine you’re allowed to ssh into from off-campus:
ssh -l myuserid -L 7778:work:548 gateway cat -
Then minimize this terminal window and use the Finder’s “Connect to Server” in the Go menu. Enter “localhost:7778” as the server address and boom, you should see the standard Apple file sharing login window for your work machine. Enter your user name, password, and choose what you want to mount. Nice. (I use 7778 here, but you could use 7777. Obviously, if you use 7777 for forwarding port 22, you need to use a different port to forward 548.)
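As an added example (not from the original post or the linked tip), here is a small shell helper that builds a single ssh command carrying both forwards mentioned above, 7777 for port 22 and 7778 for port 548, and refuses a local port that is reused or privileged. The function names are hypothetical; `myuserid`, `work` and `gateway` are the post's placeholders.

```shell
#!/bin/sh
# Added example (not from the original post). Builds one ssh command that
# carries several forwards through the gateway, such as 7777 -> work:22
# and 7778 -> work:548. Names and port numbers are the post's placeholders.

# Succeeds if $1 is a plain host or user name (letters, digits, . _ -).
is_name() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
}

# Succeeds if $1 is a decimal port number in the range $2..65535.
is_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge "$2" ] && [ "$1" -le 65535 ]
}

# tunnel_cmd USER GATEWAY LPORT:HOST:RPORT...
# Prints the ssh command line; returns 1 on a malformed spec or a local
# port that is privileged (<1024) or used twice.
tunnel_cmd() {
    if [ "$#" -lt 3 ] || ! is_name "$1" || ! is_name "$2"; then
        echo "usage: tunnel_cmd user gateway lport:host:rport..." >&2
        return 1
    fi
    user=$1 gateway=$2 seen=" " args=""
    shift 2
    for spec in "$@"; do
        lport=${spec%%:*}; rest=${spec#*:}   # split on the first colon
        host=${rest%%:*};  rport=${rest#*:}  # then on the second
        if [ "$rest" = "$spec" ] || ! is_port "$lport" 1024 ||
           ! is_name "$host" || ! is_port "$rport" 1; then
            echo "bad forward: $spec" >&2
            return 1
        fi
        case "$seen" in
            *" $lport "*) echo "local port $lport used twice" >&2; return 1 ;;
        esac
        seen="$seen$lport "
        # Bind explicitly to loopback so the forward is not offered to the LAN.
        args="$args -L 127.0.0.1:$lport:$host:$rport"
    done
    # -N replaces the post's "cat -": no remote command, forwards only.
    echo "ssh -N -o ExitOnForwardFailure=yes -l $user$args $gateway"
}
```

Run the printed command in a terminal and leave it open; with the 7777 forward up, `sftp -P 7777 myuserid@localhost` reaches the work Mac, and “localhost:7778” works in Connect to Server as before.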