I am able to accept reverse SSH connections from multiple remote systems on a single server using a port for each connection:
Remote A: ssh -fN -R5000:localhost:22 user@server-ip -p22
Remote B: ssh -fN -R5001:localhost:22 user@server-ip -p22
Remote C: ssh -fN -R5002:localhost:22 user@server-ip -p22
I can access these systems from my local client as needed:
Access Remote A: ssh root@server-ip -p5000
Access Remote B: ssh root@server-ip -p5001
This requires forwarding one port per remote system on the server. When 100+ remotes connect, do I have any options other than opening 100+ ports in the server firewall and statically assigning each remote to a port as above? My goal is to enable multiple remotes to create tunnels on demand, where I can query who is connected.
I found that sslh is a multiplexer that can differentiate between traffic on a single port based on protocol, but this only applies to different protocols, e.g. ssl/ssh. Is there a solution that allows multiple tunnels on a single port?
Example:
Remote A: ssh -fN -R5000:localhost:22 user@server-ip -p22 -identifier abc123
Remote B: ssh -fN -R5000:localhost:22 user@server-ip -p22 -identifier def456
Access Remote A: ssh root@server-ip -p5000 -identifier abc123
Access Remote B: ssh root@server-ip -p5000 -identifier def456
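
For the static port-per-remote scheme described in the post, the "query who is connected" step can be done on the server by checking which assigned ports currently have a listener. This is an added example, not part of the original post; the remote names, the port table and the sample `ss` output are constructed assumptions (only ports 5000-5002 come from the post).

```shell
#!/bin/sh
# Added example: report which remotes currently hold a reverse tunnel
# under the one-port-per-remote scheme from the post.

# Assumed port-to-remote table (hypothetical names; ports from the post).
PORT_MAP='5000 remote-a
5001 remote-b
5002 remote-c'

# Constructed sample of `ss -Hltn` output: Remote A and Remote C connected,
# Remote B absent, plus the server's own sshd on port 22.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:5000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:5002 0.0.0.0:*
LISTEN 0 128 [::]:5002 [::]:*'

# connected_remotes: read `ss -Hltn` output on stdin and print the name of
# every remote whose assigned port has a listener, in table order.
connected_remotes() {
    ss_out=$(cat)
    printf '%s\n' "$PORT_MAP" | while read -r port name; do
        # Field 4 is "Local Address:Port"; the port follows the last colon,
        # which also handles bracketed IPv6 addresses such as [::]:5002.
        if printf '%s\n' "$ss_out" | awk -v p="$port" '
            { n = split($4, a, ":"); if (a[n] == p) found = 1 }
            END { exit found ? 0 : 1 }'; then
            printf '%s\n' "$name"
        fi
    done
}

# Live use on the server: ss -Hltn | connected_remotes
printf '%s\n' "$SAMPLE_SS" | connected_remotes
```

A listener only shows that some session holds the port; it does not authenticate which remote opened it, so the table is only as trustworthy as the port assignment itself.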