ssh reverse tunnel & gateway ports: forwarding users real (public) IP address?
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
I'm using a reverse tunnel to a public vps so users can connect to my machine at home. However, due to the reason the reverse tunnel works, their IP addresses are shown as local (127.0.0.1) to my service.
is it possible to make SSH forward the public IP address of the user (e.g. 7.8.9.10 instead of 127.0.0.1)? could it potentially break something?
ssh ssh-tunneling port-forwarding tunneling
add a comment |Â
up vote
0
down vote
favorite
I'm using a reverse tunnel to a public vps so users can connect to my machine at home. However, due to the reason the reverse tunnel works, their IP addresses are shown as local (127.0.0.1) to my service.
is it possible to make SSH forward the public IP address of the user (e.g. 7.8.9.10 instead of 127.0.0.1)? could it potentially break something?
ssh ssh-tunneling port-forwarding tunneling
I think this is not possible, however I'm also very interested in an answer, facing a related problem.
â Tomáà ¡ PospÃà ¡ek
Nov 28 '17 at 21:50
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I'm using a reverse tunnel to a public vps so users can connect to my machine at home. However, due to the reason the reverse tunnel works, their IP addresses are shown as local (127.0.0.1) to my service.
is it possible to make SSH forward the public IP address of the user (e.g. 7.8.9.10 instead of 127.0.0.1)? could it potentially break something?
ssh ssh-tunneling port-forwarding tunneling
I'm using a reverse tunnel to a public vps so users can connect to my machine at home. However, due to the reason the reverse tunnel works, their IP addresses are shown as local (127.0.0.1) to my service.
is it possible to make SSH forward the public IP address of the user (e.g. 7.8.9.10 instead of 127.0.0.1)? could it potentially break something?
ssh ssh-tunneling port-forwarding tunneling
asked Nov 28 '17 at 21:06
simplex123
1
1
I think this is not possible, however I'm also very interested in an answer, facing a related problem.
â Tomáà ¡ PospÃà ¡ek
Nov 28 '17 at 21:50
add a comment |Â
I think this is not possible, however I'm also very interested in an answer, facing a related problem.
â Tomáà ¡ PospÃà ¡ek
Nov 28 '17 at 21:50
I think this is not possible, however I'm also very interested in an answer, facing a related problem.
â Tomáà ¡ PospÃà ¡ek
Nov 28 '17 at 21:50
I think this is not possible, however I'm also very interested in an answer, facing a related problem.
â Tomáà ¡ PospÃà ¡ek
Nov 28 '17 at 21:50
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
0
down vote
SSH implements a tunnel in which information is only **forwarded* to or from the remote or local system. Therefor it can only to the assigned local address. You can however configure a local private address virtually and bind to it instead of 127.0.0.1.
sudo ifconfig eth0:0 10.0.0.1 up
sudo ssh -g -L 1234:10.0.0.1:1234 user@host.tld
In order to keep the IP address you need something like l2tp. Note that port forwarding in these cases of NATs is called IP masquerading and by definition loses information about the original IPs when it is sent over the tunnel. Instead you'd need to encapsulate forward packets including their source into something like l2tp and THEN forward that through the tunnel then decode it on the other side.
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
SSH implements a tunnel in which information is only **forwarded* to or from the remote or local system. Therefor it can only to the assigned local address. You can however configure a local private address virtually and bind to it instead of 127.0.0.1.
sudo ifconfig eth0:0 10.0.0.1 up
sudo ssh -g -L 1234:10.0.0.1:1234 user@host.tld
In order to keep the IP address you need something like l2tp. Note that port forwarding in these cases of NATs is called IP masquerading and by definition loses information about the original IPs when it is sent over the tunnel. Instead you'd need to encapsulate forward packets including their source into something like l2tp and THEN forward that through the tunnel then decode it on the other side.
add a comment |Â
up vote
0
down vote
SSH implements a tunnel in which information is only **forwarded* to or from the remote or local system. Therefor it can only to the assigned local address. You can however configure a local private address virtually and bind to it instead of 127.0.0.1.
sudo ifconfig eth0:0 10.0.0.1 up
sudo ssh -g -L 1234:10.0.0.1:1234 user@host.tld
In order to keep the IP address you need something like l2tp. Note that port forwarding in these cases of NATs is called IP masquerading and by definition loses information about the original IPs when it is sent over the tunnel. Instead you'd need to encapsulate forward packets including their source into something like l2tp and THEN forward that through the tunnel then decode it on the other side.
add a comment |Â
up vote
0
down vote
up vote
0
down vote
SSH implements a tunnel in which information is only **forwarded* to or from the remote or local system. Therefor it can only to the assigned local address. You can however configure a local private address virtually and bind to it instead of 127.0.0.1.
sudo ifconfig eth0:0 10.0.0.1 up
sudo ssh -g -L 1234:10.0.0.1:1234 user@host.tld
In order to keep the IP address you need something like l2tp. Note that port forwarding in these cases of NATs is called IP masquerading and by definition loses information about the original IPs when it is sent over the tunnel. Instead you'd need to encapsulate forward packets including their source into something like l2tp and THEN forward that through the tunnel then decode it on the other side.
SSH implements a tunnel in which information is only **forwarded* to or from the remote or local system. Therefor it can only to the assigned local address. You can however configure a local private address virtually and bind to it instead of 127.0.0.1.
sudo ifconfig eth0:0 10.0.0.1 up
sudo ssh -g -L 1234:10.0.0.1:1234 user@host.tld
In order to keep the IP address you need something like l2tp. Note that port forwarding in these cases of NATs is called IP masquerading and by definition loses information about the original IPs when it is sent over the tunnel. Instead you'd need to encapsulate forward packets including their source into something like l2tp and THEN forward that through the tunnel then decode it on the other side.
answered Nov 29 '17 at 0:29
jdwolf
2,392116
2,392116
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f407590%2fssh-reverse-tunnel-gateway-ports-forwarding-users-real-public-ip-address%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
I think this is not possible, however I'm also very interested in an answer, facing a related problem.
â Tomáà ¡ PospÃà ¡ek
Nov 28 '17 at 21:50