If you’ve administered any remote Linux machines then you are already familiar with SSH, but you might not know that you can use SSH for much more than just connecting to a shell on a remote system. By using SSH’s port forwarding features, you can set up encrypted tunnels for many services, or connect to systems behind a firewall from home.
For those of you unfamiliar with SSH, it allows for secure encrypted network communication and can replace insecure unencrypted utilities such as telnet, ftp, and the r-commands (rlogin, rsh, rcp). If you still use telnet please put this magazine down right now, go disable the telnet daemon, and install SSH and then continue reading.
I’m not aware of any major distribution that doesn’t ship the SSH client and server in some form, so installation should be trivial using your distro’s package utilities– if they’re not installed already. For this month’s” Tech Support” column we will use OpenSSH, a free version of the SSH suite of network connectivity tools available from http://www.openssh.org, and SSH protocol version 2. If you use a different SSH suite, or are using SSH protocol version 1, some of the instructions may not apply or may need to be modified.
Whenever you SSH from one machine to another, you are establishing a secure encrypted session. You can take this one step further with SSH port forwarding, which allows you to tunnel arbitrary TCP connections though your secured session. Port forwarding can be useful in a variety of situations, from securing remote POP3 connections to tunneling through firewalls. If you are doing the latter, make sure to be mindful of any policies your IT department may have in place. There are two kinds of SSH port forwards, LocalForward and RemoteForward. I’ll give one example of each, and will cover the two scenarios given. If you’re having…
Please log in to view this content.
Not Yet a Member?
Register with LinuxMagazine.com and get free access to the entire archive, including:
