ssh is short for SECURE SHELL, which is a protocol for communicating securely between 2 computers.

The idea is that on your local machine, say, Alice, you generate 2 keys, a public key and a private key, along with a passphrase.

You put your public key on the remote machine, say, Bob, and keep your private key in a safe place. Then every time you log in to Bob from Alice, you will be asked for the passphrase for the key. From a simple and naive viewpoint, the traditional password becomes a passphrase for the key. For the detailed setup, please google it.

ssh tunneling is for when we want to access a third machine, say, Carman, from Alice via Bob.

Alice ---> Bob(login name: alice) ---> Carman(login name: bob)

A straightforward way is to set up 2 ssh connections, one between Alice and Bob and one between Bob and Carman: first log in to Bob from Alice, then log in to Carman from Bob, or

Alice: $ ssh alice@Bob
Bob: $ ssh bob@Carman

This is quite inconvenient, especially when we use scp for file transfer.

There is a simpler way, which is called “ssh tunneling”. ssh tunneling creates a tunnel in Bob, so Alice and Carman can communicate directly. To do so,

Alice: $ ssh alice@Bob -L 1234:Carman:22

The meaning of the command is that -L means “bind address” (the ssh manual gives its argument as [bind_address:]port:host:hostport), or simply creating an ssh tunnel on Bob: ssh listens on port 1234 on Alice, and everything between that port and port 22 of Carman passes through Bob. Port 22 is assigned for ssh connections; for an internet connection, use 8080. The port number can be different from 1234.

Now on Alice, port 1234 is directly connected to Carman via an ssh tunnel in Bob. To connect from Alice, don’t close the previous ssh session; open a new connection (terminal) and type

Alice: $ ssh -p 1234 bob@localhost

The keyword localhost means the machine Alice, and -p 1234 means using port 1234.
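What -L 1234:Carman:22 sets up on Alice can be modelled with a plain TCP relay. The block below is an added example, not code from the original post: it has no encryption or authentication, and `local_forward`, `fake_carman` and the banner are constructed stand-ins. It shows that a client connecting to the local port ends up talking to Carman's service, and that the listener is bound to loopback only, as ssh does by default.

```python
import socket
import threading

BANNER = b"SSH-2.0-Carman_constructed\r\n"  # constructed sample banner

def pipe(src, dst):  # copy bytes one way until src reaches end-of-stream
    try:
        while chunk := src.recv(4096):
            dst.sendall(chunk)
        dst.shutdown(socket.SHUT_WR)  # pass the end-of-stream on to dst
    except OSError:
        pass

def handle(client, target):  # relay one accepted connection in both directions
    with client, socket.create_connection(target) as upstream:
        up = threading.Thread(target=pipe, args=(client, upstream), daemon=True)
        up.start()
        pipe(upstream, client)
        up.join()

def local_forward(port, target, bind="127.0.0.1"):  # Alice's end of -L port:host:hostport
    srv = socket.create_server((bind, port))
    def accept_loop():
        while True:
            client, _ = srv.accept()
            threading.Thread(target=handle, args=(client, target), daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv

def fake_carman():  # stand-in for Carman:22: sends a banner, then echoes one message
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(BANNER)
            conn.sendall(b"echo:" + conn.recv(4096))
    threading.Thread(target=serve, daemon=True).start()
    return srv

def demo():
    carman = fake_carman()
    tunnel = local_forward(0, carman.getsockname())  # port 0: OS picks a free port
    with socket.create_connection(tunnel.getsockname()) as c, c.makefile("rwb") as f:
        banner = f.readline()          # Carman's banner, read from Alice's own port
        f.write(b"hello\n"); f.flush()
        reply = f.readline()
    return banner, reply, tunnel.getsockname()[0]

if __name__ == "__main__":
    print(demo())
```

Because the listener sits on 127.0.0.1, only processes on Alice can reach the forwarded port; passing a different `bind` value would expose it to other machines on Alice's network.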

To use scp for file transfer,

Alice: $ scp -P 1234 bob@localhost:<file>  <some place in Alice>

To use Carman to browse the internet, set the proxy. For details, google it.

hope it is helpful.
