Saturday, March 27, 2010

SSH Port Forwarding Example

Like everyone, it takes me a few tries before I get a port forwarding command line right. Here is yet another example, in case you happen to have this specific setup.

Let's say you want to get to your database, but it isn't exposed:
CLIENT --> DMZ --> DB_HOST

You want to forward some port on DMZ to the DB. Let's say it is Oracle running on 1521. Then, from the DMZ host, you should issue the following command:


ssh -g -L 5000:DB_HOST:1521 boneill@DB_HOST


At this point, you should be able to connect to DMZ:5000 as if it were DB_HOST:1521.

REALLY REALLY IMPORTANT is the "-g", which allows remote hosts to connect to port 5000. Otherwise, ssh binds only to the loopback interface and you won't be able to connect from CLIENT.
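
Because -g makes ssh listen on every interface of DMZ, any host that can reach DMZ:5000 reaches the database listener, so it is worth checking on DMZ how the forward actually bound. The script below is an added example, not from the original post: it classifies ssh client listeners from `ss -H -ltnp` output, run here on a constructed sample. The function names and the sample addresses, ports and PIDs are assumptions.

```shell
#!/bin/sh
# Added example: classify how ssh client port forwards are bound on a host.
# Input is `ss -H -ltnp` output (no header line): field 4 is the local
# address:port, field 6 is the owning process.

# classify_ssh_forwards: reads ss output on stdin, prints "PORT ADDR SCOPE".
classify_ssh_forwards() {
    awk '
    # Keep listeners owned by the ssh client only; the closing quote after
    # "ssh" keeps the sshd server out of the result.
    $1 == "LISTEN" && $6 ~ /\(\("ssh",/ {
        if (!match($4, /:[0-9]+$/)) next
        addr = substr($4, 1, RSTART - 1)
        port = substr($4, RSTART + 1)
        if (addr == "0.0.0.0" || addr == "*" || addr == "[::]")
            scope = "ALL-INTERFACES"   # what -g produces
        else if (addr ~ /^127\./ || addr == "[::1]")
            scope = "LOOPBACK-ONLY"    # the default without -g
        else
            scope = "SINGLE-ADDRESS"   # -L bind_address:port:host:hostport
        print port, addr, scope
    }'
}

# Constructed sample: one forward started with -g (IPv4 and IPv6 sockets),
# one default forward, one with an explicit bind address, and sshd itself.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:5000 0.0.0.0:* users:(("ssh",pid=4242,fd=5))
LISTEN 0 128 [::]:5000 [::]:* users:(("ssh",pid=4242,fd=4))
LISTEN 0 128 127.0.0.1:5001 0.0.0.0:* users:(("ssh",pid=4300,fd=5))
LISTEN 0 128 192.0.2.10:5002 0.0.0.0:* users:(("ssh",pid=4311,fd=5))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=900,fd=3))
EOF
}

sample_ss_output | classify_ssh_forwards

# On a real host (root is needed to see other users' processes):
#   ss -H -ltnp | classify_ssh_forwards
```

If only CLIENT needs the forward, `-L bind_address:5000:DB_HOST:1521` with one DMZ address in place of -g, plus a firewall rule on port 5000, narrows who can reach it.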