Search code examples

How to make SSH remote port forward that listens

I need to do remote port forwarding that will listen instead of on the remote machine so that I can connect from outside internet to IP_OF_BBB:SOME_PORT in order to connect to SSH port of AAA.

I managed to make this happen by the following:

  1. AAA:~$ ssh -R 22:localhost:2222 user@BBB
  2. BBB:~$ ssh -L 2222:*:2223 user@localhost

Now I can connect to AAA with this command:

ssh user@BBB -p 2223

The local port forwarding is a workaround, of course. Is there any clearer way to do this?


  • Enable GatewayPorts in sshd_config (by default it is disabled). Enabling it will instruct sshd to allow remote port forwardings to bind to a non-loopback address. AskUbuntu has a similar question about Reverse Port Tunneling that goes into more details.