SSH is a very popular tool that almost every IT professional uses. When data has to cross an insecure network, SSH is usually the most trusted tool for the job. The SSH protocol encrypts connections, and local port forwarding can extend that protection to other traffic. Almost all SSH tools are free; PuTTY is one example.
What we need to run SSH:
- In our scenario, we will use Ubuntu 20.04 as the OS.
- Open TCP port 22 on the firewall, if required.
- Create local users.
- Control user access with directory server-PAM, or manually in /etc/ssh/sshd_config
Install SSH Services
Let's install the application first, starting with a package index update.
# apt-get update
Install the required package.
# apt install openssh-server
Check the IP address of the SSH server.
# ip a | grep inet
The SSH server IP is 192.168.1.62.
Check the service status.
# systemctl status ssh
Local port forwarding with ssh server.
SSH can create a tunnel that forwards a local port to a port on another server. In this role SSH acts as a proxy that can carry web traffic.
Let’s see how to use ssh to protect the network by using port forwarding.
Scenario:
Here we have:
- A web server, 192.168.1.161, which also has the SSH service installed.
- An SSH server, 192.168.1.62.
- Localhost, 192.168.1.268, with the SSH service installed, where local port forwarding needs to be configured.
As illustrated in the diagram below, a localhost machine wants to connect to the web server over the internet. A firewall protects that web server, but the problem is that all communication with the web server takes place in plain text. A secure tunnel protected with SSH resolves this security issue, and we can establish secure communication with any remote user. We will establish a secure SSH tunnel to the SSH server sitting next to the web server, and all our communication from localhost will go through SSH.
To run our test, let's install a web server on 192.168.1.161.
# apt update
# apt install apache2
Check whether the service is running on the web server.
# systemctl status apache2
Note: Refer to the previous steps for how to install SSH.
Enable local port forwarding
On server 192.168.1.161, let's look at the web server status: it is working fine.
Let's log in to our localhost machine, i.e. 192.168.1.268, to establish a secure SSH tunnel.
# ssh -L 9090:192.168.1.161:80 <user>@192.168.1.62
Here -L requests local port forwarding on the localhost machine we are logged in to, 9090 is any free local port we choose, 192.168.1.161:80 is the address of the HTTP server, and 192.168.1.62 is the SSH server with which localhost establishes the tunnel.
Now the web server is available on localhost, as if by magic. Have a look:
Even if we disconnect the SSH session, port forwarding will still be in effect.
Let's close the tunnel. First, get the ssh process ID.
ps -x | grep ssh
864 ? Ss 0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
5131 pts/0 S+ 0:00 grep --color=auto ssh
Kill the ssh process.
kill -9 5319
Is the service up now? No, it's not!
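The same tunnel can be managed through an OpenSSH control socket, so it can be checked and closed without searching for a PID; this is an added example, not the article's own commands. `SSH_USER` and the socket path `CTL` are assumptions, while the addresses and port 9090 come from the scenario above.

```shell
#!/bin/sh
# Added example, not from the original article.
# Assumed names: SSH_USER (placeholder account) and CTL (control-socket path).
SSH_USER="${SSH_USER:-user}"
SSH_HOST="192.168.1.62"      # SSH server from the article
TARGET="192.168.1.161:80"    # web server from the article
LPORT="${LPORT:-9090}"       # local port from the article
CTL="${CTL:-$HOME/.ssh/tunnel-$LPORT.sock}"

# valid_port: succeed only for an integer in 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# forward_spec: print the -L argument with an explicit loopback bind address,
# so the forwarded port is not offered to other hosts on the local network.
forward_spec() {
    valid_port "$LPORT" || { echo "bad local port: $LPORT" >&2; return 1; }
    printf '127.0.0.1:%s:%s\n' "$LPORT" "$TARGET"
}

# open_tunnel: -f backgrounds after authentication, -N runs no remote command,
# -M/-S create a control socket, and ExitOnForwardFailure makes ssh exit
# with an error if the local port cannot be bound.
open_tunnel() {
    spec=$(forward_spec) || return 1
    ssh -f -N -M -S "$CTL" -o ExitOnForwardFailure=yes \
        -L "$spec" "$SSH_USER@$SSH_HOST"
}

# tunnel_up: succeed if the master connection behind the socket is alive.
tunnel_up() { ssh -S "$CTL" -O check "$SSH_USER@$SSH_HOST" 2>/dev/null; }

# close_tunnel: ask the master process to exit; no PID lookup or SIGKILL.
close_tunnel() { ssh -S "$CTL" -O exit "$SSH_USER@$SSH_HOST"; }

# exposed_listeners: read `ss -ltn` output on stdin and print every listener
# on $LPORT that is bound to a non-loopback address.
exposed_listeners() {
    awk -v p=":$LPORT" '$1 == "LISTEN" && $4 ~ (p "$") &&
        $4 !~ /^(127\.|\[::1\])/ { print $4 }'
}
```

Typical use is `open_tunnel && ss -ltn | exposed_listeners`, which should print nothing, followed by `close_tunnel` when the tunnel is no longer needed.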
Conclusion:
SSH enables secure tunneling, which helps protect web services and lets a local host access them as if they were installed locally. An SSH tunnel can be started or stopped as and when required.