ssh配置临时反向代理

原创

zmoke 2021-10-13 13:45:03 博主文章分类：系统 ©著作权

文章标签 ssh 反向代理 文章分类 运维

©著作权归作者所有：来自51CTO博客作者zmoke的原创作品，请联系作者获取转载授权，否则将追究法律责任

ssh反向代理配置

A服务器有两块网卡

[root@localhost ~]# ip -4 a show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 192.168.43.197/24 brd 192.168.43.255 scope global noprefixroute enp0s3
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 192.168.56.102/24 brd 192.168.56.255 scope global noprefixroute dynamic enp0s8
       valid_lft 575sec preferred_lft 575sec

B服务器有单独一块网卡

[root@localhost ~]# ip -4 a show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 192.168.43.197/24 brd 192.168.43.255 scope global noprefixroute enp0s3
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 192.168.56.102/24 brd 192.168.56.255 scope global noprefixroute dynamic enp0s8
       valid_lft 575sec preferred_lft 575sec

A服务器配置修改sshd配置文件，重启sshd服务

[root@localhost ~]# grep Gateway /etc/ssh/sshd_config
GatewayPorts yes

B服务器配置转发 ssh -CqTfnN -R:222:0.0.0.0:22 root@192.168.56.102
此处端口中间的为跳板机监听地址，后面为B服务器与A服务器互联地址，需要输入B服务器密码

访问B的地址与指定端口，直接跳转到A服务器

PS C:\Users\zhangzhiqiang> ssh root@192.168.43.197 -p 222
root@192.168.43.197's password:
Last login: Wed Aug 18 14:38:54 2021 from localhost
[root@localhost ~]# ip -4 a show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 192.168.56.101/24 brd 192.168.56.255 scope global noprefixroute dynamic enp0s3
       valid_lft 441sec preferred_lft 441sec

关闭跳转，在B服务器上查看指定端口，对应的sshd进程，Kill相应进程结束转发服务