8

I have an application server at work that can accept http request only from localhost.

At home I access the server through ssh. Once on the server I can curl http://localhost/test.html

I would like to do the same from my web browser at home, i.e. in some way redirect my browser traffic over ssh and access test.html as if I were on the server.

I tried ssh -v -D 9090 user@xx.xx.xx.xx and after I set a manual proxy in Firefox over a SOCKS v5 host: on ip: 127.0.0.1 and port 9090

I see something going on in ssh debugging but it looks like is not redirecting to the 80 server port

Glasnhost
  • 651
  • 4
  • 11
  • 22
  • would a text-based web browser like links2 work or does it need to be a full-fledged browser? – sippybear Feb 25 '20 at 16:41
  • You should clarify accept http request only from localhost. Do you mean the app server is bound to localhost and allows no external IP connections, or is it restricting traffic URIs via something like SNI? If it's bound to localhost, you'll have to emulate being on the box like with your SSH tunnel. If it's just restricted, such as SNI, you could put a host table entry for localhost on the remote machine and open a port on the server for the connection. – duct_tape_coder Feb 25 '20 at 22:58

1 Answers1

8

The right syntax for create an SSH tunnel is this one:

ssh -L local_port:remote_address:remote_port username@server.com

So according to your output the command should be something similar to this:

ssh -L 9090:localhost:80 username@server.com

After establish the tunnel you don't need to configure anything on firefox just type in the URL http://localhost:9090

Hope this help

DarkVex
  • 428
  • debug1: Connection to port 9090 forwarding to localhost port 80 requested. debug1: channel 3: new [direct-tcpip] channel 3: open failed: connect failed: Connection refused debug1: channel 3: free: direct-tcpip: listening port 9090 for localhost port 80, connect from 127.0.0.1 port 60758 to 127.0.0.1 port 9090, nchannels 4 – Glasnhost Feb 25 '20 at 16:51
  • if you change localhost with the IP of the server? – DarkVex Feb 25 '20 at 16:53
  • Works perfectly. Can't say what OP is doing incorrectly. – Paul Jul 09 '22 at 01:50