SSH Remote Port Forwarding on Ubuntu

This article explains SSH remote port forwarding (also known as reverse SSH tunneling) and demonstrates how to set it up on Ubuntu Linux. You will learn the core concepts of how traffic is redirected from a remote server to your local machine, followed by a straightforward, step-by-step guide to configuring and running it securely.

What is SSH Remote Port Forwarding?

SSH remote port forwarding allows you to expose a service running on your local machine (or local network) to the internet or a remote network via a secure SSH tunnel. This is highly useful when your local machine is behind a NAT or restrictive firewall, preventing direct incoming connections. By establishing an outbound SSH connection to a public remote server, you can map a port on that remote server to forward all incoming traffic back to a designated port on your local machine.

How It Works

The mechanism relies on three main components: your local machine (client), the remote SSH server, and the SSH tunnel connecting them.

  1. Initiation: Your local machine establishes a secure SSH connection to the remote Ubuntu server.
  2. Port Allocation: During connection setup, you instruct the remote server to listen on a specific port (e.g., port 9000).
  3. Traffic Forwarding: When an external user sends traffic to port 9000 on the remote server, the SSH daemon encrypts this traffic and routes it through the active SSH tunnel back to your local machine.
  4. Local Delivery: Your local machine decrypts the traffic and delivers it to the target service (e.g., a local web server running on port 80).

Step-by-Step Configuration on Ubuntu Linux

To set up remote port forwarding, you need access to both your local machine and a remote Ubuntu server.

Step 1: Configure the SSH Daemon on the Remote Server

By default, Ubuntu’s SSH daemon binds remotely forwarded ports to the loopback address, so only connections that originate on the server itself can reach them. To allow external users to connect to your forwarded port, you must enable GatewayPorts.

  1. Log in to your remote Ubuntu server via SSH.

  2. Open the SSH configuration file with a text editor:

    sudo nano /etc/ssh/sshd_config

  3. Locate the line containing GatewayPorts and change its value to yes. If the line does not exist or is commented out (with a #), add it:

    GatewayPorts yes

  4. Save the file (Ctrl+O, Enter) and exit (Ctrl+X).

  5. Restart the SSH service to apply the changes:

    sudo systemctl restart ssh
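
GatewayPorts yes applies to every remote forward opened by every account on the server, so it is worth confirming what the daemon will do after this edit. The script below is an added example, not part of the original guide: it reads sshd_config text and reports where -R listeners will bind, and it goes beyond Step 1 by also covering the clientspecified value and AllowTcpForwarding. The function names and sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify where sshd will bind "-R" listeners, given sshd_config text.

# Print the effective global value of KEYWORD. sshd keeps the first value it
# reads, keywords are case-insensitive, and global scope ends at the first Match.
effective_global() {  # usage: effective_global KEYWORD DEFAULT < config
  awk -v key="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" -v def="$2" '
    { sub(/#.*/, "") }                       # strip comments
    NF == 0 { next }                         # skip blank lines
    tolower($1) == "match" { exit }          # Match blocks are out of scope here
    tolower($1) == key { print tolower($2); found = 1; exit }
    END { if (!found) print def }
  '
}

# Map AllowTcpForwarding and GatewayPorts to the bind behaviour of remote forwards.
remote_bind_scope() {  # usage: remote_bind_scope "$config_text"
  fwd=$(printf '%s\n' "$1" | effective_global AllowTcpForwarding yes)
  case "$fwd" in
    no|local) echo "remote-forwarding-disabled"; return 0 ;;
  esac
  case "$(printf '%s\n' "$1" | effective_global GatewayPorts no)" in
    yes)             echo "all-interfaces" ;;   # every -R forward binds the wildcard address
    clientspecified) echo "client-chooses" ;;   # bind address given to -R is honoured
    *)               echo "loopback-only" ;;    # OpenSSH default
  esac
}

# Constructed sample configurations (not taken from a real host).
CONF_DEFAULT='#GatewayPorts no
PasswordAuthentication no'
CONF_STEP1='PasswordAuthentication no
GatewayPorts yes'
CONF_SCOPED='gatewayports clientspecified
Match User tunnel
    GatewayPorts yes'

echo "default:         $(remote_bind_scope "$CONF_DEFAULT")"
echo "after Step 1:    $(remote_bind_scope "$CONF_STEP1")"
echo "clientspecified: $(remote_bind_scope "$CONF_SCOPED")"
```

On a live server, pass the output of `sudo sshd -T` (which prints the effective configuration) instead of the raw file, for example `remote_bind_scope "$(sudo sshd -T)"`.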

Step 2: Establish the Remote Port Forwarding Tunnel

From your local machine, run the SSH command using the -R flag. The syntax for the command is:

    ssh -R [remote_bind_address:]remote_port:local_address:local_port user@remote_host

Example Command

If you have a web application running on your local machine on port 8080, and you want to make it accessible via port 9000 on your remote server (IP: 203.0.113.50), run this command on your local machine:

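    ssh -N -R 0.0.0.0:9000:localhost:8080 user@203.0.113.50

The -N option tells ssh not to run a remote command, so the session only carries the forward. The 0.0.0.0 bind address asks the server to listen for port 9000 on all interfaces, which the GatewayPorts setting from Step 1 must permit.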

Step 3: Verify the Tunnel is Working

Once the SSH connection is active, you can test the setup. Open a web browser or use a tool like curl to access the remote server’s IP address on the forwarded port:

    curl http://203.0.113.50:9000

The request reaches the remote server, travels through the encrypted SSH tunnel to your local machine, and the response from the application running on your local machine’s port 8080 comes back the same way.