sshssh-tunnel

I want to create ssh tunnel to access API


I have the scenario:

My local machine is srv1
The jump server is srv2
The target server on which API is running is srv3

So, there is an API that is running and accessible on srv3 at port 88. I could not access it directly from my local machine ie srv1.

But, I could ssh to this srv3 from sev2 which is a jump server. And I could ssh to the sev2 from my own server ie srv1.

Now, is there a way I could access the API running on srv3 at port 88 from my machine ie srv1?


Solution

  • If srv3:88 is accessible from srv2, you can do a simple tunnel. On srv1, execute

    ssh -L 8888:srv3:88 srv2
    

    (where 8888 is arbitrary number greater or equal than 1024). While the connection lasts, any connection to srv1:8888 will be transmitted to srv3:88.

    If you need the tunnel to be on srv1:88 instead (where 88 is an arbitrary number under 1024), you will need to run the above command as root, since only root can bind on privileged ports.

    If srv3:88 is only accessible from srv3, then you'll need to make it a bit more complex:

    ssh -oProxyCommand="ssh srv2 -W %h:%p" -L 8888:localhost:88 srv3
    

    (You can also add -N option to not run the shell - so instead of stopping the tunnel with exit or ^D, you would do it with ^C).