Florz
/
ssh-port-forwarding
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

add description for crucial client parameters

This commit is contained in:
Florian Schlegel 2022-04-15 02:03:35 +02:00
parent 4886dab825
commit 3b7e4d422e
1 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
README.md
View File

@ -79,8 +79,7 @@ exit 0
Don't forget to mark the script as executable: `chmod +x /etc/rc.local`
The client side ssh command looks like:
`ssh ssh-port-forwarding@myserver.example.com -TNnqakx -o "TCPKeepAlive yes" -o "ServerAliveInterval 5" -o "ServerAliveCountMax 3" -o "ExitOnForwardFailure yes" -L [...] -R [...]`
`ssh ssh-port-forwarding@myserver.example.com -TNnqakx -o "TCPKeepAlive yes" -o "ServerAliveInterval 5" -o "ServerAliveCountMax 3" -o "ExitOnForwardFailure yes" -R [bind_address:]port:host:hostport -L [bind_address:]port:host:hostport`
* `-T` disable pseudo terminal allocation
* `-N` don't execute any command on the server
* `-n` redirect stdin to /dev/null (necessary as we run this command in background)
@ -93,7 +92,15 @@ The client side ssh command looks like:
* `-o "ServerAliveCountMax 3"` mark connection as failed after 3 lost test messages
* `-o "ExitOnForwardFailure yes"` quit ssh process if self check or __any of the forwardings__ fail (this is a crucial feature missing in autossh)
* `-4` (not shown above) is optional to foce ssh to use IPv4 only (in case of problems with IPv6)
* `-L` (can be repeated multiple times)
* `-R` (can be repeated multiple times)
* `-R [bind_address:]port:host:hostport` (see above -> `permitlisten`; can be repeated multiple times)
* `bind_address` usually `localhost` or `*` (optional but necessary)
* `port` port that the server should open for incoming connections
* `host` hostname or address that the client should forward the connection to (e.g. localhost)
* `hostport` existing port on the host that should be forwarded
* `-L [bind_address:]port:host:hostport` (see above -> `permitopen`; can be repeated multiple times)
* `bind_address` address on the client, that the port should be bound to (optional; usually left blank)
* `port` port that should be opened on the client
* `host` host that the client wants to access through the server (e.g. `localhost` on the server itself)
* `hostport` existing port that should be forwarded to the client
Please beware that the hostname part in the `-L` and `-R` options must be spelled exactly the same as in the `permitlisten` and `permitopen` variables on the server ("Localhost", "localhost" and "127.0.0.1" are treated different).