Persistent Ssh Tunnels For Windows And Linux, Local Vs Remote Forwards And More

This time on the show, local and remote forwarding with SSH, persistent connections in Linux with AutoSSH, Windows tunnels that don't quit (with a GUI front-end for Plink), and a whole lot of technolust. All that and more, this time on Hak5!

SSH Remote Forwarding: Relay Local Apache Server Through Tunnel

# install apache server
darren@dk10$ sudo apt-get install apache2
# browse to http://localhost
# Relay port 8080 on remote host to 80 on local host
darren@dk10$ ssh -R 8080:localhost:80 aardwolf@relay.wifipineapple.com
# browse to http://relay.wifipineapple.com:8080

SSH Local Forward: Relay Remote VNC Server Through Tunnel

# install vnc client
darren@dk10$ sudo apt-get install vncviewer
# vnc to server without SSH (bad idea)
darren@dk10$ vncviewer rrs5204q6n.hak5.org:1
# setup SSH local forward
darren@dk10$ ssh -L 5901:localhost:5901 aardwolf@rrs5204q6n.hak5.org
# vnc to server through ssh tunnel
darren@dk10$ vncviewer localhost:1

Maintaining Persistent SSH Tunnels in Linux

AutoSSH is a simple and effective utility for monitoring and maintaining persistent SSH connections, restarting the session as necessary. It can be downloaded from http://www.harding.motd.ca/autossh/ and is available for most *nix platforms. On Ubuntu:

# Install autossh
darren@dk10$ sudo apt-get install -y autossh
# The autossh -M option specifies which port to monitor the connection from
# The -N option is a regular openssh parameter which is passed from autossh to ssh, specifying that there is no remote command to execute.
# The & tells the shell, bash in our example, to run the command in the background.
darren@dk10$ autossh -M 20000 -N aardwolf@relay.wifipineapple.com &
# To find the process ID where autossh is running
darren@dk10$ pidof autossh
# And finally to stop autossh
darren@dk10$ kill `pidof autossh`

Maintaining Persistent SSH Tunnels in Linux

  • First of all, we need to cover Plink. Short for Putty Link, the plink utility is the command-line equivalent to Putty on Windows. We'll be using this today, along with another tool in order to keep an SSH tunnel persistent.
  • Here's an example of a plink SSH tunnel. We start by launching pageant and entering our passphrase. Now that our private key is in memory we can use plink to start an SSH tunnel from the command line.
  • So open up CMD, navigate to where your plink utility is. For me that's by running "cd \putty"
  • Now run plink.exe -- you'll be greeted by a whole list of options for this command line utility.
  • To start a simple Dynamic SOCKS proxy I'll enter:
  • plink -D 8080 snubsie@peanut.hak5.org -agent
  • The -D says make it a Dynamic SOCKS proxy on my local port 8080 and the -agent says to use pageant for the private key file.
  • And there we go, a command to start our SOCKS proxy for all our tunneling enjoyment. Of course if the SSH connection is dropped we'll be all sad pants -- especially if we're using the tunnel to watch the BBC or something.
  • And while autossh *is* available for Windows, sort of, it isn't exactly the easiest to setup. AutoSSH, the Linux program, can be run in Windows using Cygwin -- a Linux environment for Windows. If that suits your fancy, have at it. There's a decent tutorial for setting that up.
  • That said, I'm more interested in using native Windows programs. Thankfully a similar setup to autossh can be achieved using plink with the help of a little utility called MyEnTunnel.
  • Short for My Encrypted Tunnel, MyEnTunnel is a windows utility that lives in the system tray, or can be run as an NT service in the background, that quietly watches Plink sessions and restarts them as necessary.
  • MyEnTunnel is available from http://nemesis2.qx.net/pages/MyEnTunnel as freeware.