10

I need to do remote port forwarding that will listen 0.0.0.0 instead of 127.0.0.1 on the remote machine so that I can connect from outside internet to IP_OF_BBB:SOME_PORT in order to connect to SSH port of AAA.

I managed to make this happen by the following:

  1. AAA:~$ ssh -R 22:localhost:2222 user@BBB
  2. BBB:~$ ssh -L 2222:*:2223 user@localhost

Now I can connect to AAA with this command:

ssh user@BBB -p 2223

The local port forwarding is a workaround, of course. Is there any clearer way to do this?

ceremcem
  • 2,792
  • 4
  • 22
  • 51

3 Answers3

19

Enable GatewayPorts in sshd_config (by default it is disabled). Enabling it will instruct sshd to allow remote port forwardings to bind to a non-loopback address. AskUbuntu has a similar question about Reverse Port Tunneling that goes into more details.

Community
  • 1
  • 1
Linville
  • 3,146
  • 1
  • 24
  • 35
  • use @anton-bessonov's [answer](https://stackoverflow.com/a/62142365/210475) to avoid having to modify your sshd_config. – ZombieDev Jun 15 '20 at 15:27
9

As addition to the existing answer you can use ssh -o GatewayPorts=true -L 2222:0.0.0.0:2223 user@localhost

Anton Bessonov
  • 6,992
  • 3
  • 29
  • 33
-1

BBB :ssh command should be:

BBB:~$ ssh -L 2223:*:2222 user@localhost
elcortegano
  • 1,711
  • 10
  • 27
  • 43
firesoules
  • 1
  • 1