How to enable ssh remote port forwarding

beer9
beer9 used Ask the Experts™
on
is there a way I can enable 'remote port forwarding using ssh' inside the VPN and then access to that bypassing the VPN?

Basically I have a system inside VPN and I want to access it without going through VPN. It's irritating to login via VPN everytime to access it
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2017
Commented:
First you have to make sure the option is enabled on the ssh server side, /etc/ssh/sshd_config

Allowforwarding yes.

Now depending on which direction you want
From the connecting system to a system on the remote LAN system, you would use the -L localport:remotehosttobeaccessed:remoteport (localhost implied)

If you want a remote system to be able to access back through the VPN a local system, -R .........
I do not think arnold is understanding your question fully.

The answer is no, you can not bypass you VPN by forwarding anything on your Linux system, unless your network team is an absolute mess.

Chances are your company or sysadmin setup VPN for security purposes.  You should not try to circumvent that security.   There is most likely a firewall between your Linux system and the outside world and ports would have to be open on said firewall to allow you outside access bypassing the VPN.
Distinguished Expert 2017

Commented:
savone, it depends on how you interpret the question.  If an SSH connection is available outside the VPN and that is what the person wants to use, the server configuration is required to make sure port forwarding over SSH is available.

If ssh is only accessible via VPN, than no matter what changes the person makes to the ssh server, the VPN must be present for the ssh connection to work.
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.

Author

Commented:
if there is a firewall between me and ssh then can I use port 80 to do ssh login? I am sure firewall will allow port 80 and 443.
Distinguished Expert 2017

Commented:
What are you trying to do?  It is one thing to use a different mechanism to access a set of resources, it is completely another if you are trying to circumvent .......
If port 80 or 443 are open, it's normally because there's a webserver listening on those ports. If there's a webserver listening, then it won't let you use ssh to login on those ports.

If the firewall is carelessly leaving those ports open without there being a webserver listening -- and IF you can get an sshd service running on the server to listen to those ports -- THEN you could use it for ssh login.

The assignment of ports to services is entirely convention; if both sides of the conversation choose to ignore convention, then they can agree to collude and use the port for some unconventional purpose.

=====

But this is a digression. I agree with Savone: It sounds like you are desiring to circumvent -- as a matter of your own convenience -- a security feature set up to protect this server. Better to focus your efforts on finding tools that will reduce the inconvenience of using a VPN. It may well be possible to automate most of the VPN connection setup so that it is much less of an annoyance.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial