Home > Uncategorized > PuTTY Tunnels for Remote Access

PuTTY Tunnels for Remote Access

PuTTY is a great tool for network connectivity when using Tunnels. This article will show you how to create a Forward Tunnel to allow access to remote resources that would otherwise be blocked by a firewall.

In this scenerio you have a computer at work and you wish to access a remote Git server which operates via SSH on the standard port 22. However, outbound connections to port 22 are blocked by a firewall – only ports 80 (http) and 443 (https) are open. In addition the firewall operates as a HTTP proxy requiring authentication.

The first step is to establish a remote SSH server on ports 80/443. I prefeer 443 simply because it implies SSL encryption, and SSL is encrypted traffic. Adding port 443 to an OpenSSH server is very easy, simply add the line:

Port=443

to the /etc/ssh/sshd_config file, right below the existing “Port 22” line.

Restart the SSHD:

service ssh restart

You can now configure PuTTY to connect to the remote host via port 443.

It’s also easy to configure PuTTY to perform this connection through the proxy. Not all networking tools have the ability to use a proxy, which is one reason I use this technique.

PuTTY Proxy Configuration

Open your PuTTY connection and you should have no problems now reaching your remote SSH server on 443.

Next we will set up the Forward Tunnel. The Forward Tunnel will allow a local application to connect to a remote server through PuTTY. For example, I will use Git to connect to localhost on a port that PuTTY will be listening on, PuTTY will automatically forward that connection through the SSH tunnel to the remote SSH server, which will in turn forward the connection to whereever I specify.

Configure as follows. Source port is the local port PuTTY will listen on. Destination is where the connection will be forwarded to when it comes out the other end of the tunnel on the server side. In this example, the destination will be a Git server on port 443.

Note the Git server does not have to be on port 443. I can be on port 22, or any port at all. You could for example forward to http://www.google.com:80, an all local http connections on your local port 22 will reach google on port 80.

Click add and you will see the following:

This illustrates the 4L22 clearly means it’s IPv4, Local tunnel, on port 22, and shows the destination name and port.

That’s it. To use git, simply open up git bash and issue the following:

git clone git@localhost:[Repository Name]

To push changes back to the server, you first need to establish the tunnel with PuTTY, then issue:

git push master origin

Git sees the repository as being hosted locally on port 22, none the wiser that it’s call is being forwarded through PuTTY -> HTTP Proxy -> Port 443 -> Remote SSHD -> git.yourcompany.com:443

Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: