SSH Reverse Tunnel – A Practical Example – Public Internet Server to Client Laptop on NAT WiFi

Instructions for setting up an ssh reverse tunnel from my laptop to my internet server.

This was necessary as I could not connect to my NFS shares on gemini from my laptop when using external wifi as my server denies connections that are not made via my private VPN network. This is for security reasons to prevent third-party access to my NFS server shares.

However, I can ssh in to the gemini server. So I set up a reverse SSH tunnel. I did the following:

on laptop:

ssh -f -N -T -R22000:localhost:22 gemini

I can then copy files through the tunnel using the port 22000 address on gemini…

example:

root@gemini:~# scp -P 22000 filefromgemini gemini:/tmp
root@gemini's password:
filefromgemini 100% 47 3.8KB/s 00:00
root@gemini:~#

I want to copy the WordPress databases from gemini to laptop:

on gemini do:

wp cache flush --path=/var/www/wordpress --allow-root

# create the database export from server kevwells.com:

mysqldump --all-databases > /home/kevin/all_databases.sql

then scp the .sql file to port 22000 on gemini – this is the ssh reverse tunnel entrance to my laptop!

scp -P 22000 /home/kevin/all_databases.sql gemini:/home/kevin/

(the "gemini:/home/kevin" in this case is actually my /home/kevin on the laptop! – i.e. the other end, the exit, of the tunnel)

so, to summarize we do:

on laptop client:

root@asus:/usr/local/bin#
root@asus:/usr/local/bin# ssh -f -N -T -R22000:localhost:22 gemini
root@asus:/usr/local/bin#

on gemini server:

root@gemini:~#
root@gemini:~# wp cache flush --path=/var/www/wordpress --allow-root
Success: The cache was flushed.
root@gemini:~#
root@gemini:~# mysqldump --all-databases > /home/kevin/all_databases.sql

root@gemini:/home/kevin# ls
all_databases.sql BACKUP DATA Downloads NEXTCLOUD readme.locationofmyphp.ini
root@gemini:/home/kevin#
root@gemini:/home/kevin#
root@gemini:/home/kevin# scp -P 22000 /home/kevin/all_databases.sql gemini:/home/kevin/
root@gemini's password:
all_databases.sql 100% 28MB 2.0MB/s 00:14
root@gemini:/home/kevin#

then on laptop, sure enough the file has arrived:

root@asus:/home/kevin# ll
total 253272
drwxrwxr-x 34 kevin kevin 16384 Apr 21 16:02 ./
drwxr-xr-x 3 root root 4096 Aug 28 2021 ../
-rw-r--r-- 1 root root 29555359 Apr 21 16:02 all_databases.sql

Mission accomplished.
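
The -R22000:localhost:22 forward used above opens a listening port on gemini that leads to the laptop's sshd, and whether that port is bound to loopback only or to all interfaces depends on the GatewayPorts setting in gemini's sshd_config. The following is an added example, not part of the original post: a shell function that classifies the listener from ss -ltn output. The function names and the sample ss output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Classifies how a reverse-forward
# port is bound on the SSH server, given `ss -ltn` output on stdin.
# Prints: loopback (local users only), exposed (reachable from other hosts),
# or absent (no listener on that port).
tunnel_bind_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            addr = $4                        # e.g. 127.0.0.1:22000 or [::1]:22000
            n = split(addr, part, ":")
            if (part[n] != port) next        # last ":" field is the port
            host = substr(addr, 1, length(addr) - length(part[n]) - 1)
            found = 1
            if (host !~ /^127\./ && host != "[::1]") exposed = 1
        }
        END {
            if (!found)       print "absent"
            else if (exposed) print "exposed"
            else              print "loopback"
        }'
}

# Constructed samples of `ss -ltn` output (not captured from a real host).
sample_loopback() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128        127.0.0.1:22000      0.0.0.0:*
LISTEN 0      128            [::1]:22000         [::]:*
EOF
}
sample_exposed() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128          0.0.0.0:22000      0.0.0.0:*
LISTEN 0      128             [::]:22000         [::]:*
EOF
}

echo "GatewayPorts no  -> $(sample_loopback | tunnel_bind_scope 22000)"
echo "GatewayPorts yes -> $(sample_exposed  | tunnel_bind_scope 22000)"
# On the real server: ss -ltn | tunnel_bind_scope 22000
```

A result of "loopback" means only processes on gemini can reach the laptop through port 22000; "exposed" means the laptop's sshd password prompt is reachable by anything that can connect to gemini on that port.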

 

 
