7/11/2011

SSH 3

SSH 3 (Port Forwarding)

SSH Port Forwarding or SSH tunneling allow to establish SSH session (secured connection) , And then making TCP connection (unsecured connection) inside the tunnel or through it .
it's used for securing unsecured connection.




  • Local Port Forwarding :

To understand port forwarding let's see examples
when i want to access my mail client via pop (post office protocol) port : 110 , so , to secure this connection , i should first establish SSH session , and then make a normal TCP connection through this channel
1- establish SSH session
ssh -L 10000:localhost:110 user@mailserver.com
after authentication with any method (password or public key) we established SSH session
let's describe this command
-L : local forwarding
10000 : local port or local socket that connection will out to server , here SSH bind 10000 to loopback (127.0.0.1)
110 : remote port
mailserver.com: server that ssh connect with

2- making TCP connection through SSH channel
 in a separate shell window apply
telnet localhost 10000

we making SSH session and and bind port 10000 to loopback, now to make a connection through SSH channel by command telnet localhost 10000 , it's normal and unsecured ,but it's inside a secure channel
client send a message through port 10000 inside SSH channel and server deliver it to port 110


Another example:

when i have on my server telnet service , and to improve telnet security , I disabled to receive connections from any computer (just loopback)
by editing /etc/xinetd.d/telnet , And add bind = 127.0.0.1
when i try to connect to telnet from remote computer telnet 192.168.0.200 23
result:
telnet: connect to address 192.168.0.200: Connection refused
telnet: Unable to connect to remote host: Connection refused


we here can access telnet via SSH tunnel from client
ssh -L 9999:127.0.0.1:23 192.168.0.20

and from client again and in a separate shell window
telnet localhost 9999

it will connect ,now i make a secure connection between client and server (telnet) although ,telnet is not a secure connection.
it's can also apply on any unsecured connection such as FTP

FTP connection will be secured inside SSH channel


  • Remote Port Forwarding :

In Local Port Forwarding i started the session from client to server , but in Remote Port Forwarding is opposite , The session will start from the server and then go to the client.

Example :
when i want to connect SSH server (internal) IP192.168.0.20 but the server is behind a firewall ,so client (external) can't access .



To access we make revers Tunnel or Remote Port Forwarding ,
1- Establish the SSH session from the server by command
ssh -R 9999:localhost:22 192.168.0.20

2-Make SSH connection through SSH tunnel
ssh -p 9999 localhost

we here make the SSH session from the server to the client (revers) , and the client access via tunnel to SSH ,because client can't make the SSH session because of the firewall.

Hint 1: To see SSH Port Forwarding debug by useing -v option ,for example:
ssh -v -L 9999:127.0.0.1:23 192.168.0.20 
Hint 2: When destination host in not localhost this mean the connection is not fully encrypted
for example :
ssh -L 9999:192.168.0.25:23 192.168.0.20
this mean the connection between client and 192.168.0.20 is encrypted , but between 192.168.0.20 and 192.168.0.25 will not encrypted


client connect to 192.168.0.20 via SSH connection (encrypted) , and 192.168.0.20 deliver the messages from client to 192.168.0.25 through port 25 via telnet (not encrypted) and we have here another use of SSH Port Forwarding , You can connect to server that provide a service Via SSH server .

No comments:

Post a Comment