Bust that pesky corporate firewall

Have you ever needed to SSH into a firewalled computer where you don’t have control over the firewall? Well by creating a tunnel from your this protected machine to your machine at home you can punch a tiny SSH sized hole in that firewall.

This is what you’re going to need for this to work

  1. You need to have a SSH server running on both machines.
  2. You need to be able to SSH to that machine from the protected computer

Simple yes?

All you need to do is run this command on the protected machine

ssh -l login -nNT -R 1200:xxx.xxx.xxx.xxx:22 yyy.yyy.yyy.yyy

Replace “login” with your SSH username
Replace xxx.xxx.xxx.xxx with the IP or hostname of the protected computer
Replace yyy.yyy.yyy.yyy with the IP or hostname of your home computer

Now lets break this command down

the -l is to specify the login name for this SSH session.
the -nNT This just keeps the session on this end clean by disabling the allocation of a pseudo-tty not running any commands on connect and disabling input.

the 1200:xxx.xxx.xxx.xxx:22 is very important. This is the magic this means that once we connect we’re going to open a tunnel back through the SSH session on port 1200 (on the end of your home computer) that connects to port 22 (On the end of the protected computer).

Now once you execute this command. You should get a password prompt. Enter your SSH password and hit return. The tunnel should now be active. Make sure to keep this window open and running as if it closes your tunnel closes with it. You can get around this with tools like screen but that’s beyond the scope of this post.

Now to test it all out go to your home machine and type the following command to SSH over the tunnel to your protected computer

ssh -p 1200 username@localhost

make sure to replace “username” with the SSH user on your protected machine. Again you should be prompted for your password for “username” and if all goes well you should now be SSH’d into your protected machine.

There’s a ton of ways you can build on this simple trick. If there’s any interest some may be covered in future posts.

As always if you have any questions or trouble with this post please post them in the comments below.

If you enjoyed this post, make sure you subscribe to my RSS feed!

Published by

LiamM

I'm a self labeled Nerd who enjoys Playing Video Games, restoring classic muscle cars (i have a 65' Mustang in the works) , Running Big Data Clusters, Tattoos, Working on System Automation, Riding and customizing Motorcycles, and writing python Code. I'm an SRE with DemonWare/Activision Specializing in Big Data/Hadoop operations but all opinions and views expressed on this site are solely my own.