Setting up ssh tunnel in Putty

2

I have instructions for setting up a proxy tunnel to a work computer behind a firewall. The setup is:

                        |
[home]--------[outside]-|-[inside]
                        |

The instructions are, from home:

  1. ssh -N -L 7000:inside:22 outside
  2. ssh -D 9999 -p 7000 localhost
  3. Setup a proxy for port 9999 on localhost

I should then be able to appear to the world as though I'm on [inside].

If I was on a mac or linux machine I assume I would do the first two steps in order at a terminal. In windows, I can't just open up an ssh terminal.

The putty tunnel configuration screen looks like this:

enter image description here

I have two questions:

  1. What would be the right settings for step 1?
  2. Is the 2nd step done in Putty as well, or from the shell connection in step 1?

Edit: This is what the main Putty screen looks like:

enter image description here

Localhost:7000

enter image description here

abalter

Posted 2015-12-18T03:13:36.400

Reputation: 544

Answers

1

So to answer your second question first, yes, both steps are done from PuTTY.

First you need to setup a tunnel to outside using the "Local" radio button with the "Source Port" set to 7000 and the "Destination" set to inside:22.

Next, you would start another instance of PuTTY and use localhost:7000 as the host. On the tunnels tab, select the "Dynamic" radio button and set the "Source Port" to 9999.

Then, as before, configure your proxy to point to localhost:9999.

heavyd

Posted 2015-12-18T03:13:36.400

Reputation: 54 755

Thanks! Do I need to put anything in the "Destination" box for either step? Also, What do I put for hostname in step 2? See image added to question. Is it just outside again? – abalter – 2015-12-18T04:04:25.100

@abalter, I've updated the answer to clarify – heavyd – 2015-12-18T04:07:29.113

Putty won't connect when I have it set as in image above: hostname=localhost, port=7000. Isn't that kind of like asking to log on to my own machine at port 7000? I'm not running an ssh server. – abalter – 2015-12-18T04:16:29.690

I just realized I wrote that wrong. The first step should have "Local" selected, not "Remote." I've updated the answer. This will open port 7000 on the local machine and forwarding it to inside:22 on the remote side of the tunnel – heavyd – 2015-12-18T04:27:35.407

So does that take care of both steps at once? – abalter – 2015-12-18T04:38:28.170

No, you still need both. The first one opens a session to outside and the tunnel opens port 7000 on the local machine. Any connections to localhost:7000 will then be forwarded to inside:22, so you connect the second session to localhost:7000 and then setup the second, dynamic tunnel which you will use as the proxy. – heavyd – 2015-12-18T04:41:24.727

Let us continue this discussion in chat.

– abalter – 2015-12-18T04:43:58.203

Asked: 2015-12-18T03:13:36.400

Viewed: 795 times

Active: 2015-12-18T04:27:11.403