February 24, 2009 Archives

24-02-2009 14:38

Allowing remote access to reverse ssh tunnels

My logic was this: if I have a reverse SSH tunnel [if you don't know what that is, search for it; you will get loads of results on how to set it up] listening on a local port, I thought I could hit that port from another PC on the network to go back up the tunnel. But no, it never worked. Looking into it, I found that by default it only listens on 127.0.0.1. You can check which interfaces/IPs it's listening on with this command on the server:

netstat -ntl

You will see 127.0.0.1: with the port that you set it up to listen on locally. So I found one needs to add a setting to the sshd_config file:

GatewayPorts clientspecified

It can simply be on or off ("yes" or "no" in sshd_config), but this way the client can stipulate. So how does the client do this? You need to say which interface in the command you use to set up the tunnel. Originally I would use:

autossh -2 -fN -M 2000 -R 1234:localhost:22 user@domain.com

I use autossh to keep this alive. As written, that will still default to 127.0.0.1, even with the "clientspecified" option we have chosen. So we need to tell it to listen on an interface that an IP is attached to, or on all interfaces.

autossh -2 -fN -M 2000 -R 0.0.0.0:1234:localhost:22 user@domain.com

You can see where I have added the IP 0.0.0.0, which means all interfaces. You can instead put just its LAN IP, for example, but then it will not listen on 127.0.0.1 any more.
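To confirm what a forwarded port is actually bound to after changing GatewayPorts, the following added example (not from the original post) classifies a port from netstat -ntl output. The function name tunnel_exposure and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify how a forwarded port is bound, from `netstat -ntl`.

# Constructed sample output (not captured from a real host): port 1234 stands
# for a tunnel opened with -R 0.0.0.0:1234:..., port 5678 for one opened
# without a bind address.
SAMPLE='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:1234            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5678          0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN'

# tunnel_exposure PORT -- reads netstat -ntl output on stdin and prints one of:
#   loopback-only | all-interfaces | specific:<addr,...> | not-listening
tunnel_exposure() {
    awk -v port="$1" '
        $NF == "LISTEN" {
            # Local Address is field 4; split at the LAST colon so IPv6 works.
            n = match($4, /:[0-9]+$/)
            if (!n) next
            addr = substr($4, 1, n - 1); p = substr($4, n + 1)
            if (p != port) next
            found = 1
            if (addr == "0.0.0.0" || addr == "::" || addr == "*") all = 1
            else if (addr ~ /^127\./ || addr == "::1") loop = 1
            else other = other (other ? "," : "") addr
        }
        END {
            if (!found)      print "not-listening"
            else if (all)    print "all-interfaces"
            else if (other)  print "specific:" other
            else             print "loopback-only"
        }'
}

# Usage on the SSH server:  netstat -ntl | tunnel_exposure 1234
printf '%s\n' "$SAMPLE" | tunnel_exposure 1234   # all-interfaces
```

A result of all-interfaces means the tunnel is reachable from every network the server is attached to, so pair it with a firewall rule if only the LAN should reach it.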

I hope this helps someone. A lot of this came from this blog here.


Posted by DaveQB | Permanent Link | Categories: IT

24-02-2009 12:00

Apache Proxy

When doing web development, you sometimes want access to your internal web servers from outside the network. There is a great tutorial here for setting up Apache's proxy.

http://www.apachetutor.org/admin/reverseproxies

Posted by DaveQB | Permanent Link | Categories: IT