Hello friends, today I have brought a very useful thing for you, after reading it, you will enjoy it.
Note 1: Before going further if you are not aware of Basic IP and Protocols then please read point 3 of this blog.
Note 2: And if you do not know about SSH, then take its information from Google or YouTube, then only go ahead.
Have you heard about ngrok?
If you have heard then it is good and if you have not heard then I will tell you a little.
Generally, we use ngrok for port forwarding.
With the help of ngrok, we can publicly access the services running on our localhost. Mostly everyone uses it to make our demo application or website visible to the client. But it has some limitations and its pricing is very high.
So let’s tackle the problem of its limitations and pricing.
What is port forwarding?
By port forwarding, we can communicate requests from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall.
What is tunneling?
A tunneling protocol is a communication protocol that allows the movement of data from one network to another. This involves allowing private network communication to be sent over a public network or public network communication over a private network through a process called encapsulation.
In simple words, you can communicate your private network to a public network and public network to a private network.
Requirements
- A vps with public ip. and ssh running.
- At least one service running on vps.
- client cpu with ssh running.
Types Of SSH Tunneling or Port Forwarding
There are two types of ssh port forwarding.
1. Local Port Forwarding
You already know this thing that if the devices are connected to the same network then we can access their services on each other devices. And if you don’t know then see Not 1 above.
Now we can access the services of CPU 1 from the client-side because it has public IP. But the services of CPU 2, CPU 3, CPU 4 can be accessed only in the same network. We cannot access it from the client side.
So now we have to apply some tricks to access the services of CPU 2, CPU 3, CPU 4 on the client-side that we are calling here SSH Tunneling (Local Port Forwarding).
Or in another example, if you are familiar with firewall, then let me tell you that if any VPS port is not accessible from the client-side due to firewall. So you can also use this thing to access it.
to do local port forwarding follow the below code.
ssh [USER]@[SERVER] -L [PORT ON CLIENT SIDE]:localhost:[PORT ON SERVER SIDE]Now open localhost:[PORT ON CLIENT SIDE] will open the service of the server on your device.
Pass -g argument for global access (EX: 192.168.1.35 can access this on client-side).
ssh [USER]@[SERVER] -g -L [PORT ON CLIENT SIDE]:localhost:[PORT ON SERVER SIDE]Now open 192.168.1.**:[PORT ON CLIENT SIDE] will open the service of the server on your device.
Other arguments are following:
ssh -N -f [USER]@[SERVER] -L [PORT ON CLIENT SIDE]:localhost:[PORT ON SERVER SIDE]Here the -f option tells the ssh command to run in the background and -N not to execute a remote command.
2. Remote Port Forwarding
This section will be very fun for you. Because you get all the clients to check the demo app. Then you have to give public access and with the help of this, you can do this.
First open /etc/ssh/sshd_config on server/vps.
sudo nano /etc/ssh/sshd_configHere find the GatewayPorts use the following shortcut to find in nano editor.
ctr+w Type GatewayPorts and hit Enter.
Now remove # from this and make it like below:
GatewayPorts yesIn case if not found GatewayPorts then write it in the bottom.
Restart the SSH service with the command:
sudo systemctl restart sshdNow execute the following command:
ssh -R [PORT ON SERVER SIDE]:localhost:[PORT ON CLIENT SIDE] [USER]@[SERVER]Now you can access client service from the vps with the following:
[SERVER]:[PORT ON SERVER SIDE]
3. Dynamic Port Forwarding
comming soon…..
