13,420
edits
Changes
no edit summary
=== Investigation 6: How do you use ssh to tunnel other traffic. ===
[[Image:Tunnel.png|thumb|right|485px600px|You can also use an ssh connection to '''tunnel other types of traffic'''. There could be different reasons for doing this. For example tunneling traffic for an unencrypted application/protocol through ssh can '''increase the security of that application''' (i.e. deceive potential hackers). Alternatively you could use it to circumvent a firewall that is blocking traffic you wish to use but allows ssh traffic to pass through.]]
# For this section, you will still be using your '''centos1''' and '''centos2''' VMs.
# You will be working with the 2nd scenario of bypassing a firewall that blocks http traffic.
# On centos2 confirm that the httpd service is stopped so it cannot interfere with your observations.
# The next step is to establish a tunnel. When you establish a tunnel you make an ssh connection to a remote host and open a new port on the local host. That local host port is then connected to a port on the remote host through the established tunnel. When you send requests to the local port it is forwarded through the tunnel to the remote port.
{{Admon/note | Note! | The -L (which means Local port) takes one argument of <pre><local-port>:<connect-to-host>:<connect-to-port></pre> The command basically connects your local port of 20808 to the remote port of 80 on centos1. This means all requests to 20808 on the localhost (centos2) are actually tunnelled through your ssh connection to port 22 on centos1 and then delivered to port 80 on centos1, bypassing the firewall. }}
<ol><li value="14">Once the tunnel is established use netstat to verify the port 20808 is listening on centos2</li>