Tuesday 8 January 2013

SSH Chaining / Bunny Hopping

Sometimes you're in a situation where a server on a restricted network needs SSH access to another server outside of that network. Here I explain how an intermediary server (one accessible from both networks) can be used to allow an end-to-end SSH connection.

Host A is inside a restricted network and cannot SSH to the outside world.
Host B is in a different part of the network, is accessible by Host A and _can_ SSH to the outside world.
Host C is a server off on the internet somewhere.

On Host A, we use SSH to create a tunnel via Host B to Host C. This opens a local port on Host A (2222) that forwards connections, through Host B, to port 22 on Host C. Note that the tunnel itself only encrypts the leg between Host A and Host B; Host B then opens an ordinary TCP connection to Host C, so whatever is forwarded crosses the B-to-C leg exactly as the application sent it. Here the forwarded traffic is itself an SSH session to Host C, so it stays encrypted end to end, but Host B can still see that the connection is being made.

Run from Host A to set up the tunnel (-f backgrounds ssh once it has authenticated, and -N tells it not to run a remote command; without -N the backgrounded login shell reads end-of-file, exits and takes the tunnel down with it):

ssh -f -N user@hostB -L 2222:hostC:22

Now, to SSH to Host C from Host A, simply connect to localhost on port 2222 and the connection will be forwarded to Host C via Host B.

ssh user@localhost -p 2222

This is particularly useful for transferring files around, as it allows you to neatly bypass most network controls. Here's an example using the above and SCP to tunnel data out of a network in an encrypted fashion. Note this transfers DATA_DIRECTORY from Host A to Host C and places it in the user's home directory (scp takes the port as a capital -P, unlike ssh's lower-case -p).

scp -P 2222 -r DATA_DIRECTORY user@localhost:~/
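Wrapping the two steps above in a script, as an added example that is not part of the original post: it opens the tunnel through an SSH control socket, validates the local port, copies the directory over the tunnel, and then closes the tunnel instead of leaving a background ssh listening on Host A indefinitely. The names user, hostB, hostC and DATA_DIRECTORY are the placeholders from the post, and the socket path under ~/.ssh is an assumption.

```shell
#!/bin/sh
# Added example (not from the original post): the post's tunnel + scp
# procedure as a wrapper that also tears the tunnel down afterwards.
# user, hostB, hostC and DATA_DIRECTORY are placeholders; override via env.

JUMP="${JUMP:-user@hostB}"            # Host B: reachable from Host A
TARGET_HOST="${TARGET_HOST:-hostC}"   # Host C, as Host B resolves it
TARGET_USER="${TARGET_USER:-user}"
LOCAL_PORT="${LOCAL_PORT:-2222}"
# Control socket so the backgrounded ssh can be found and closed later
# (assumed location; any directory not readable by other users will do).
SOCKET="${SOCKET:-$HOME/.ssh/tunnel-$LOCAL_PORT.sock}"

# Accept only an integer in the TCP port range 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Build the -L argument used in the post: localport:hostC:remoteport.
# The remote port defaults to 22, the SSH port on Host C.
forward_spec() {
    printf '%s:%s:%s' "$1" "$2" "${3:-22}"
}

# Open the tunnel from Host A to Host B.
#   -N : no remote command (otherwise the remote shell exits and the
#        tunnel goes with it)
#   -f : go to the background after authentication
#   -M/-S : create a control master on SOCKET so close_tunnel can reach it
# Host B only relays the TCP stream to Host C; the scp session that goes
# through it is itself SSH, so it is encrypted end to end.
open_tunnel() {
    valid_port "$LOCAL_PORT" || { echo "invalid local port: $LOCAL_PORT" >&2; return 1; }
    ssh -f -N -M -S "$SOCKET" \
        -L "$(forward_spec "$LOCAL_PORT" "$TARGET_HOST")" "$JUMP"
}

# Ask the control master to exit, which closes the listening port on Host A.
close_tunnel() {
    ssh -S "$SOCKET" -O exit "$JUMP"
}

# Copy a directory into the remote user's home directory on Host C by
# connecting to the local end of the tunnel. scp's port flag is a capital -P.
copy_dir() {
    scp -P "$LOCAL_PORT" -r "$1" "$TARGET_USER@localhost:~/"
}

main() {
    open_tunnel || exit 1
    copy_dir "$1"
    status=$?
    close_tunnel
    exit "$status"
}

# Usage: sh tunnel_copy.sh DATA_DIRECTORY
# With no argument the file only defines the functions, so it can be sourced.
if [ $# -gt 0 ]; then
    main "$1"
fi
```

Running the script with a directory argument performs the whole sequence; sourcing it with no argument makes open_tunnel, copy_dir and close_tunnel available interactively, which is handy when several copies need the same tunnel. On OpenSSH 7.3 or later the same path through Host B can also be taken per connection with `ssh -J user@hostB user@hostC` (or `scp -o ProxyJump=user@hostB`), which avoids leaving any listening port on Host A at all.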

Simples!
