Extended Use of SSH Tunnelling with Putty to Access Inaccessible Remote Desktop and URL

Now, let us take another samples of using Putty for SSH tunneling, other than like explained in previous article.

Basically, the pre-conditions are similar with previous one. First, there is Server-A which it can be connected through SSH from user’s PC, and Server-A has connectivity to access remote desktop and web server of Server-B. Second, TCP forwarding is enabled in Server-A. (Kindly read previous article how to enable it, if required)

Note: To make sure Server-A has connectivity through remote desktop to Server B, TCP port 3389 has to be opened from Server-A to Server-B. And for accessing web server, TCP/HTTP port 80, used as sample, has to be opened from Server-A to Server-B.

URL

Dynamic port method will be used to access inaccessible URL: http://Server-B/.

First, establish SSH connection to Server-A using Putty. Once connected, open change settings menu (right click on top panel and choose change settings). There is category box on left side, go to Connection > SSH > then click Tunnels. Put any available local port on Source port text box (in this example, 4000 is chosen), tick Dynamic radio button, after that click Add then Apply.

Second, open browser (in this sample, Mozilla is used), go to Options > Advanced > Network > Connections Settings. Tick Manual Proxy Configuration, leave all with empty/default value, except on SOCKS Host, fill as localhost and Port: 4000. And also kindly do not forget to tick SOCKS v5, then click OK button.

Once done, now try to access http://Server-B/, it will be opened.

Remote Desktop

Method that will be used is putting IP and Port of Server-B explicitly in tunneling. Assuming IP of Server-B is 10.10.10.11.

First, Establish SSH connection to Server-A using Putty. Once connected, open change settings menu (right click on top panel and choose change settings). There is category box on left side, go to Connection > SSH > then click Tunnels. Put any available local port on Source port text box (in this example, 4002 is chosen). And on Destination, fill explicitly the IP and port of Server-B, with format IP:port, in this example, value is 10.10.10.11:3389), tick Local radio button, after that click Add then Apply.

Second, Open Remote Desktop Application, fill the Computer’s field with localhost:4002 then Connect, or simply Ctrl+R then type: mstsc /v: localhost:4002 then Enter. After that, Remote Desktop to Server-B will be possible.

Step by Step: SSH Tunneling with Putty

Supposed there is server A (UNIX based), where you have firewall opened to do SSH connection from your PC directly. And there is another server (server B), where it’s connected from Server A with SSH but you have no direct SSH connection from your PC to server B (firewall is not opened from your PC to server B) .

This article will try to give tips, to make direct SSH connection possible with SSH tunneling from your PC toward server B by using Putty tool.

Note: as pre-requisite to do SSH tunneling, please set AllowTcpForwarding parameter with value equal Yes inside sshd_config fileof Server A, then restart ssh service

server-A> grep -i tcp /etc/ssh/sshd_config
AllowTcpForwarding yes
server-A> svcadm restart ssh

Method#1- Using Dynamic Port

First, connect to Server A and setup the tunnel using dynamic port

Establish SSH connection to server A using Putty. Once connected, open change settings menu (right click on top panel and choose change settings). There is category box on left side, go to Connection > SSH > then click Tunnels. Put any available local port on Source port text box (in this example, 4000 is chosen), tick Dynamic radio button, after that click Add then Apply.

Second, connect to Server B using tunnel that already set

Prepare new putty session to connect to Server B, after putting the IP and port on session part, before clicking on Open button, go to Connection > then Proxy. Tick SOCKS 5 radio button on proxy type, then on proxy hostname, fill localhost and port 4000. Click open, then now you can connect to Server B directly by using server A as proxy to make a tunnel.

Method#2- Put IP and port of another server explicitly

First, connect to Server A and setup the tunnel using specific IP and port of Server B

Establish SSH connection to server A using Putty. Once connected, open change settings menu (right click on top panel and choose change settings). There is category box on left side, go to Connection > SSH > then click Tunnels. Put any available local port on Source port text box (in this example, 4001 is chosen). And on Destination, fill explicitly the IP and port of server B with format IP:port, in this example, value is 10.10.10.10:22), tick Local radio button, after that click Add then Apply.

Second, connect to Server B using tunnel that already set

Prepare new putty session to connect to Server B, on Hostname (or IP address), fill with localhost and port, is 4001. Click open, then connection to Server B can be done directly.