Reverse SSH Tunnelling
It is possible to create a “reverse” SSH Tunnel. The reverse tunnel will allow you to create an SSH Tunnel from your work computer to your home computer, for example, and then login to your work machine from your home machine even if your work firewall does not permit ssh traffic initiated from your home machine!
For this to work, an SSH Server must be installed on your work and home computer, and ssh (TCP port 22) must be allowed outbound from your work computer to your home computer.
Syntax: ssh -R remote_port:localhost:22 your_home_computer
At home, you would then run ssh -p 2048 localhost to log into your work computer via ssh.
Here is a script that you can run through the cron facility on your work system to make sure the reverse SSH Tunnel to your home system is up and running. It is useful in case the system is rebooted.
# $REMOTE_HOST is the name of the remote system
# $REMOTE_PORT is the remote port number that will be used to tunnel
# back to this system
# $COMMAND is the command used to create the reverse ssh tunnel
COMMAND=”ssh -q -N -R $REMOTE_PORT:localhost:22 $REMOTE_HOST”
# Is the tunnel up? Perform two tests:
# 1. Check for relevant process ($COMMAND)
pgrep -f -x “$COMMAND” > /dev/null 2>&1 || $COMMAND
# 2. Test tunnel by looking at “netstat” output on $REMOTE_HOST
ssh $REMOTE_HOST netstat -an | egrep “tcp.*:$REMOTE_PORT.*LISTEN” \
> /dev/null 2>&1
if [ $? -ne 0 ] ; then
pkill -f -x “$COMMAND”