DZone
DevOps Zone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
  • Refcardz
  • Trend Reports
  • Webinars
  • Zones
  • |
    • Agile
    • AI
    • Big Data
    • Cloud
    • Database
    • DevOps
    • Integration
    • IoT
    • Java
    • Microservices
    • Open Source
    • Performance
    • Security
    • Web Dev
DZone > DevOps Zone > How to Use SSH Tunneling to Get to Your Restricted Servers

How to Use SSH Tunneling to Get to Your Restricted Servers

Zemian Deng user avatar by
Zemian Deng
·
Nov. 05, 14 · DevOps Zone · Interview
Like (0)
Save
Tweet
9.99K Views

Join the DZone community and get the full member experience.

Join For Free

Have you ever been told that in your network serverX can only be reached by a serverY via SSH? Now you have access to serverY from your own PC with normal SSH access as well, but just not directly to serverX.

What can you do in situation like this if you need to access the restricted serverY? Well you can always ssh into serverY, then ssh again into serverX to check your work or log or whatever. But what happen if you have a database server or WebLogic Server instance running in serverX; and you want your local PC's fancy tools to access the serverX? (Eg: Accessing the WLS admin console, or using SqlDeveloper to connect to your DB etc). In this case, that's where ssh tunneling can help you, and here is how.

 1. Establish a connection to your serverY that you have access to from your PC. On top of that and at the same time, you will create a tunnel to serverX (your restricted server) by letting serverY redirect all the network traffic data back to your local PC on a specific port. Sounds scary, but it can be done with single command. For example this is how I can access the WLS Admin Console app that was running on server Y. On your own PC, open a terminal and run the following:

bash> ssh -L 12345:serverY:7001 serverX

Above will prompt you to access serverX with ssh credential. Once logged in, you need to keep the terminal open. Now the tunnel is established and redirecting traffic from port 7001 on serverY to your own PC on port 12345, which is where the WLS admin console is running.

2. Open a browser on your own PC and type in address http://localhost:12345/console

Now you should able to access your restricted serverY WLS admin console!

Same can be done with a database server such as MySQL. For example, you will run ssh -L 12346:serverY:3306 serverX and then change your SqlDeveloper JDBC connection url string to the tunnel port jdbc:mysql://localhost:12346/mydb
This is a cool technique to get around a secured environment.

Database server Console (video game CLI) terminal Network Database Connection (dance) app Data (computing) Strings

Published at DZone with permission of Zemian Deng, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • Basic Convolutional Neural Network Architectures
  • Ensure API Consistency and Security With Anypoint API Governance
  • Servlets Listeners Introduction and Examples
  • Modernize Legacy Code in Production: Rebuild Your Airplane Midflight Without Crashing

Comments

DevOps Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • MVB Program
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends:

DZone.com is powered by 

AnswerHub logo