How do I make a reverse tunneled port accessible to other computers using SSH?

Solution Unverified - Updated -

Issue

The SSH client provides users with the ssh -R option to create reverse tunnels on other machines. The use of this option instructs SSH to bind on a specified address and port and tunnel incoming connections to a service on the local network. By default, however, it only allows binding to the system's loopback interface.

Solution

To allow SSH to bind to other IP addresses or to all interfaces on the remote server, you must add the following line to your /etc/ssh/sshd_config file located on the remote server:

GatewayPorts yes

You must then restart the SSH Server with /sbin/service sshd restart.

You can then use reverse tunnelling by using the following options:

ssh -R [bind_address:]port:host:hostport

More information on ssh -R can be found by running man ssh. More information on the GatewayPorts configuration option can be found by running man sshd_config.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content