How to set up an SSH tunnel on an addon ip address?
September 11, 2012 12:29 PM Subscribe
How can I choose what IP address on a remote Linux server I pass through when I SSH tunnel that server?
I have a remote Linux server (Debian 6) with multiple IP addresses set up on it. When I SSH tunnel to that server and use the tunnel as a proxy to browse with, it always uses the main IP address of the server.
My question is, then, what do I have to do on the server to tell it to send/receive tunneled traffic through one of those addon IPs?
Bonus: Is there a way to configure the server so that I can pass in command-line putty commands (I'm launching putty via command line on a WinXP box) to choose which of those server IPs are used for specific tunneling sessions?
I have a remote Linux server (Debian 6) with multiple IP addresses set up on it. When I SSH tunnel to that server and use the tunnel as a proxy to browse with, it always uses the main IP address of the server.
My question is, then, what do I have to do on the server to tell it to send/receive tunneled traffic through one of those addon IPs?
Bonus: Is there a way to configure the server so that I can pass in command-line putty commands (I'm launching putty via command line on a WinXP box) to choose which of those server IPs are used for specific tunneling sessions?
Best answer: I'm no expert so later posters can verify this or shoot me down, but I think you need to look at modifying the kernel's IP routing table. This is how the kernel determines how to send out your outbound traffic. Look at the man page for route (which may now be obsoleted by the "ip" command, but route is on my Debian squeeze machine.)
posted by massysett at 12:48 PM on September 11, 2012
posted by massysett at 12:48 PM on September 11, 2012
Response by poster: Yep, when I added those search terms in, that's the type of solution that came up. Thanks, dudes/dudettes!
posted by ofcourseican at 12:54 PM on September 11, 2012
posted by ofcourseican at 12:54 PM on September 11, 2012
so, a potentially easier thing would be to use the -b option with SSH. from the man page:
so, if the IP you want is 10.10.0.5 and the remote host is 10.20.0.1, your command would be
posted by mrg at 5:59 PM on September 11, 2012
-b bind_address
Use bind_address on the local machine as the source address of the connection. Only useful on sys-
tems with more than one address.
so, if the IP you want is 10.10.0.5 and the remote host is 10.20.0.1, your command would be
ssh -b 10.10.0.5 user@10.20.0.1best to read the man page on your system; -b is from OpenSSH but depending on what you're actually on you may or may not have OpenSSH. though, given it's Debian, it's probably OpenSSH.
posted by mrg at 5:59 PM on September 11, 2012
upon a re-read, you're actually talking about what IP gets used by the proxy, right? you ssh into 10.0.0.5, which has IPs 10.0.0.5-10.0.0.10, and you have a proxy set up to redirect traffic locally though SSH out of the server, and you want to have the traffic appear as if it's coming out of (say) 10.0.0.8? if so then the -b option won't do anything for you actually..
posted by mrg at 6:08 PM on September 11, 2012
posted by mrg at 6:08 PM on September 11, 2012
This thread is closed to new comments.
posted by k5.user at 12:45 PM on September 11, 2012