By cshelton


2013-11-18 01:32:17 8 Comments

I would like to build an ssh tunnel from my android device (call it A) on port MMM to a machine C on port NNN. HOWEVER, A and C are not directly connected. They are only connected through machine B (which is also running an ssh server). Finally, port NNN is only open locally on machine C (which is also running an ssh server).

So, with openssh in unix, I can use the command line of ssh or the ProxyCommand argument in .ssh/config to archive this:

Host C-tunnel
   HostName C
   Port 22
   Use username
   IdentityFile ~/.ssh/myidentityfileforC.pem
   ProxyCommand ssh -e none -i /.ssh/myidentityfileforB.pem [email protected] nc -w 120 %h %p 2> /dev/null

I can then set up a tunnel straight from my localhost to C:NNN (through the connection above).

Is there an app for android that supports similar? I tried connectbot and ssh autotunnel. The later got close, as I could set up one tunnel from A to B and then another from A to C (through the tunnelled A->B connection), but initiating the latter brought both of them down. Setting up just the first tunnel and then using connectbot allows me to connect via ssh to C, but I cannot set up a port forward directly to C:NNN.

Any suggestions? Is there a direct port of openssh I've missed?

2 comments

@Tiago 2018-05-08 09:27:09

This is based on shelton's comments but they confused me, so here's how to do a "-J" hop using ConnectBot, e.g. via something like serveo:

  • Add a connection to the Hop host (e.g serveo). This is purely a "man in the middle", and will be used to forward to the real host. E.g: "[email protected]". You can turn off "Start shell session".

    • Save the serveo connection.
    • "Hold" the serveo connection in your list of hosts, and choose edit port forwards.
    • Add a new port forward. Type: "Local", source port: "2222", destination "alias:22". This opens localhost:2222 when this serveo connection is made, which will forward/hop your connection to the target host.
  • Add a new host, matching the port forward. E.g "[email protected]:2222".

The normal usage workflow will now be:

  • Connect to the serveo host. This will start the tunnel. Close (but don't disconnect), so the tunnel stays active.
  • Connect to the second (localhost:2222) host. This will run through the tunnel to your remote host. Authenticate as normal and voila!

@cshelton 2018-05-08 15:34:51

Thanks. I did end up using connectbot as you suggested. The need to "click twice" is annoying, but it certainly works.

@Tiago 2018-05-08 17:47:17

Ah I just realised your answer was actually to your own question! I ended up fighting this a bit, your answer helped get 90% of this running but the last parts confused me a bit, so thought add an answer in case anyone else stumbles across the same confusion.

@Tiago 2018-05-08 17:47:50

It's a bit annoying, but super cool that this works from my phone. Can trigger some automation while on the move now, easy peasy :)

@cshelton 2013-11-19 16:49:08

Outside of stackexchange, I also asked some colleagues. One suggestion they had did work. In particular, instead of using ssh autotunnel for the tunnels, I used connectbot to connect and create tunnels. They can be layered. The only downside is that I leave a shell open.

More specifically:

  1. I use connectbot to connect to B (ssh, port 22) and then add a forwarding from a port 2222 on A to port 22 on C. I leave this shell open.
  2. Then I make a new different connection to port 2222 on A (which opens a shell on C) and add port forwarding from port 2NNN to "localhost:NNN" (which is actually C:NNN).

Now I can connect to A:2NNN (my localhost, port 2NNN) and get to C:NNN as if it were local. I have to leave the shells open, but it works well enough.

Related Questions

Sponsored Content

2 Answered Questions

[SOLVED] Automatic system-wide proxy

1 Answered Questions

[SOLVED] SSH to Mac using Android Phone

1 Answered Questions

[SOLVED] Can't seem to SSH from Android

  • 2016-04-05 04:41:11
  • PairedPrototype
  • 1629 View
  • 1 Score
  • 1 Answer
  • Tags:   ssh

2 Answered Questions

[SOLVED] SSH to Ubuntu desktop

  • 2015-05-11 00:45:27
  • rob
  • 270 View
  • 0 Score
  • 2 Answer
  • Tags:   ssh

2 Answered Questions

[SOLVED] SSH Tunnel with Android

  • 2011-04-17 11:54:53
  • LanceBaynes
  • 1780 View
  • 7 Score
  • 2 Answer
  • Tags:   ssh vnc

1 Answered Questions

[SOLVED] How can I determine the hostname of another machine on the local network?

  • 2014-03-10 12:11:09
  • david.libremone
  • 3453 View
  • 0 Score
  • 1 Answer
  • Tags:   networking ssh

1 Answered Questions

[SOLVED] Does ConnectBot supports SSH tunnel /authenticating with pubkey/?

  • 2011-05-13 16:25:14
  • LanceBaynes
  • 544 View
  • 2 Score
  • 1 Answer
  • Tags:   ssh

Sponsored Content