1

I am used to forwarding a remote service port on localhost using ssh like:

ssh -L 2181:localhost:2182 user@server (forward remote host port 2182 to local port 2181)

Now, from the machine I SSH to, I am trying to reach a TCP service and forward the response to my local machine:

local-machine:2181 <-- SSH --> remote-machine:2182 <-- netcat/named pipe --> service:2181

Note: I do not have direct access to the service machine, I only have access to the network through the machine I SSH to.

I was trying to use netcat with a named pipe:

On the remote-machine:

mkfifo fifo
nc -k -l 2182 <fifo | nc service 2181 >fifo

On local machine: echo message | nc localhost 2181

But that doesn't seem to work.

I also tried, on the remote-machine: nc -k -l 2182 0<fifo | nc service 2181 1>fifo

without luck.

On the remote machine, nc -k -l 2182 outputs the message I send from the local-machine:2181.

If I simply pipe this like: nc -k -l 2182 | nc service 2181 I do see the response from the service on the remote-machine. So I'm able to go all the way to the service and back to the remote-machine, but it stops there:

local-machine:2181 <-/- SSH --> remote-machine:2182 <-- netcat --> service:2181

So I don't understand why the named pipe won't forward the response through the SSH connection back to my local machine.

echo message | nc localhost 2182 on the remote-machine does NOT output anything back on the local-machine, so it's not making it through SSH for some reason.

Any idea why this is and how to fix it?

Thanks for help.

(EDITED for clarity) Note: I need this because I can only SSH to one machine, which is part of a cluster, and that machine has access to the service(s). I do not want to expose the service to the outside, nor have SSHD on every service container.

MrE

2 Answers

1

I was pointed to the fact that one can simply do

ssh -L 2181:service:2181 user@remote-machine

to forward the connection to service from remote-machine to the port on local-machine.

Simple and efficient.

MrE
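What a local forward such as `ssh -L 2181:service:2181` does for each connection, sketched as an added Python example (not part of the answer above and not OpenSSH's code): a listener bound to loopback only accepts the client and copies bytes in both directions to the service. The upper-casing `fake_service` and the ephemeral ports are constructed stand-ins so the demo runs offline.

```python
import socket
import threading
from contextlib import suppress

def spawn(fn, *args):
    t = threading.Thread(target=fn, args=args, daemon=True)
    t.start()
    return t

def pump(src, dst):
    """Copy bytes one way; on EOF pass the half-close on to the other side."""
    with suppress(OSError):
        while chunk := src.recv(4096):
            dst.sendall(chunk)
    with suppress(OSError):
        dst.shutdown(socket.SHUT_WR)

def relay(client, target):
    """Carry one client connection to target, copying in both directions."""
    with client, socket.create_connection(target) as upstream:
        back = spawn(pump, upstream, client)   # service -> client
        pump(client, upstream)                 # client -> service
        back.join()

def serve(listener, on_conn, *extra):
    while True:  # one thread per accepted connection
        conn, _ = listener.accept()
        spawn(on_conn, conn, *extra)

def listen_loopback():
    """Listen on 127.0.0.1 only (ephemeral port), so nothing is reachable from outside."""
    return socket.create_server(("127.0.0.1", 0))

def fake_service(conn):
    """Constructed stand-in for service:2181: answers with the request upper-cased."""
    with conn:
        while data := conn.recv(4096):
            conn.sendall(data.upper())

def demo(message=b"message\n"):
    service, forward = listen_loopback(), listen_loopback()
    spawn(serve, service, fake_service)
    spawn(serve, forward, relay, service.getsockname())
    with socket.create_connection(forward.getsockname()) as c:
        c.sendall(message)
        c.shutdown(socket.SHUT_WR)  # like `echo message | nc`: send, then EOF
        return b"".join(iter(lambda: c.recv(4096), b""))

if __name__ == "__main__":
    print(demo())
```
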
0

You can use -R for this purpose:

ssh -R 8080:127.0.0.1:7070 yourhost

This will open a port on yourhost:7070 that forwards to localhost:8080.

The documentation says:

[-R [bind_address:]port:host:hostport]
Hugo