Thursday 28 September 2017

SSH over proxy or over multiple hosts

Well, sometimes an evil sysadmin won't let us to live in peace and close all the ports that you need (of course, except the ssh).

Presuming that you already have a host with ssh and Internet access (host1 in the following example) you can use it as a "jump" platform or as SOCKS proxy server to reach a target host (host2 here).

+-----------+<--port 22-->+---------+<--port 2222-->+----------+
|   mybox   |-------------|  host1  |---------------|   host2  |
+-----------+             +---------+               +----------+
localhost:8080            "jump" host                  target

Using as proxy server:
(in this example we have two steps, but you can join those steps in one. Hint:  use && as in command1 && command2 and -f ssh parameter).

mybox:~$ ssh -D 8080 -N -p 22 user@host1
user@host1's password:

Type the password and let this terminal open and open another one.

mybox:~$ ssh -X -p 2222 user2@host2 -o ProxyCommand="/usr/bin/connect -5 -S localhost:8080 %h %p"

Jumping over ssh:
mybox:~$ ssh -t -X -p 22 user@host1 ssh -X -p 2222 user@host2

You may ask yourself "Why not using the second example all the time because is simple and more convenient???". 
Well, the simple answer is that you can not use X11 forwarding (-X parameter) if the host1 had not implemented the X11 forwarding rule in the sshd_config. So, no X11 forwarding in this case.
The first example (proxy), because is a SOCKS tunnel, have no importance if the host1 have or not have the X11 forwarding rule active. As a tunnel, it pass the packets between the two ends of it.


  1. A Complete Guide to a managed security service provider near me

    The demand for managed security is continuously growing. It seems that many small and medium-sized businesses love this particular business model, and there are a few good reasons why.

    Business owners expect specific benefits when they choose a managed service model to make their job easier. But, what does it mean to receive managed security services? What do manage service providers do for you and your business?

    In this article we’re going to explain everything you need to know about managed IT security, so let’s start by explaining the meaning of this term.

  2. I really enjoyed reading your blog. I really appreciate your information which you shared with us. If anyone who want to create his/her carrier in Linux. Get a free demo call on 9311002620 or visit

  3. Informative article. I generally want quality content and I found that in your post. The information you have shared about taxi service is beneficial and significant for us. Keep sharing these kinds of articles here. Great blog, thanks for sharing. cyber security companies in India

  4. Thank you for sharing your valuable knowledge and insights. Great job for publishing such a nice article. Your article isn’t only useful but it is additionally really informative. Keep sharing such enlightening articles. Best Cyber security companies

  5. Ensuring the safety of websites or web applications is essential to prevent any sort of attacks (threats) and unauthorized access. As cyber security company in India, I found this information valuable. Glad to read this, great blog. Network vulnerability assessment services

  6. this is very nice blog Hire a reliable Affordable Cleaning Company Bangalore because professional cleaners use different tools which help them to accomplish the cleaning more efficiently. If you have got an enormous home, you must choose us because we've got a team of experienced experts. This can be important, especially if you're getting to pay by the hour because one person cleaning goes to cost you way more than a team of cleaners.

  7. The proxy server will change our IP address every time we log in and hide our real IP. funny post

  8. I found decent information in your article. I am impressed with how nicely you described this subject, It is a gainful article for us. Thanks for share it. Cyber Security Latest News Canada


  9. Nice reading, I love your content. This is really a fantastic and informative post. Keep it up and if you are looking for Cybersecurity then visit K7 Computing.

  10. Blog is very impressive cover the post on over proxy security and also find out the
    House cleaning services in Bengaluru in best price.

  11. You have shared such an interesting and informative post about Proctoscope. I really like the work which you have done here. Thanks for sharing it. Keep it up. Buy Dental diagnostic clinical instrument Online Canada.Cyber Security Assessment for IT infrastructure

  12. You are providing good knowledge. It is really helpful and factual information for us and everyone to increase knowledge. Continue sharing your data. Data Security Consulting

  13. Looking for a CCTV company in Dubai that you can trust? Look no further than Sira Approved. We offer a wide range of top-quality CCTV systems that are perfect for both homes and businesses. Plus, we offer competitive prices and a range of convenient payment options. Contact us today to learn more about how we can help you keep your property safe and secure.

    CCTV Installation in Dubai

  14. Wow There are other inventions in other part of the world as well see CCTV Camera in Netherlands also.

  15. You wrote this post very carefully.Hire Hacker For Email Password The amount of information is stunning and also a gainful article for us. Keep sharing this kind of articles, Thank you.

  16. Great Blog! This post gives a better idea. Thanks for the useful information. I hope you will share some more content. Please keep sharing!

    ISO 27001 Audit