Reverse Tunnel with SSH

Here I'll describe how to establish a tunnel to gain access to a client behind a firewall or NAT router.

The following command is run on the client. It establishes a listening socket on port 22222 on the server, forwarded back to the client's own SSH port (22):

#ssh -R 22222:localhost:22

Now connect to the server with ssh from your workstation:


Then from the new ssh terminal, connect through the client tunnel:

#ssh root@localhost -p 22222

Voilà. You will now have root access to the client.

For Windows clients this ssh server might be useful, not tested though: freeSSHd

For security, if this is to be used over GPRS lines:

  1. The server could be There might be some benefits by doing this: Local files and browser interface with terminal.
  2. The 'client' user should be added to the server, with no rights and unattended certificate login. It should only allow for the callback socket.
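
One way to check item 2 on the server, as an added example that is not part of the original page: an audit of the 'client' user's authorized_keys line, assuming an OpenSSH server with the `restrict` and `permitlisten` key options. The function name, the forced command `/bin/false` and the sample keys are assumptions made for illustration; `localhost:22222` is what `ssh -R 22222:localhost:22` requests by default.

```sh
#!/bin/sh
# Added example: audit authorized_keys lines for the tunnel-only 'client' user.
# Assumes an OpenSSH server that supports the restrict and permitlisten key
# options, and the callback port 22222 from the text. Keys are constructed.
TUNNEL_PORT=22222
KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedKeyNotReal client@site'
GOOD="restrict,port-forwarding,permitlisten=\"localhost:22222\",command=\"/bin/false\" $KEY"
WIDE="restrict,port-forwarding,permitlisten=\"0.0.0.0:22222\",command=\"/bin/false\" $KEY"
BARE="$KEY"

# Print a verdict for one authorized_keys line; return 0 only when it is tunnel-only.
check_entry() {
    line=$1
    # A line that starts with the key type carries no options: full login.
    case $line in
        ssh-*|ecdsa-*|sk-*) echo "weak: no options"; return 1 ;;
    esac
    # Options are everything before the key type field.
    opts=$(printf '%s\n' "$line" | sed -E 's/ (ssh-|ecdsa-|sk-)[^ ]+ .*$//')
    case ",$opts," in *,restrict,*) ;;
        *) echo "weak: restrict missing"; return 1 ;; esac
    case ",$opts," in *,port-forwarding,*) ;;
        *) echo "broken: port-forwarding missing"; return 1 ;; esac
    case ",$opts," in *,command=*) ;;
        *) echo "weak: no forced command"; return 1 ;; esac
    case ",$opts," in *,pty,*|*,agent-forwarding,*|*,X11-forwarding,*)
        echo "weak: interactive feature re-enabled"; return 1 ;; esac
    # Every permitlisten value must be the loopback callback port, nothing else.
    listens=$(printf '%s\n' "$opts" | tr ',' '\n' |
        sed -n 's/^permitlisten="\(.*\)"$/\1/p')
    [ -n "$listens" ] || { echo "weak: permitlisten missing"; return 1; }
    for l in $listens; do
        [ "$l" = "localhost:$TUNNEL_PORT" ] ||
            { echo "weak: extra listener $l"; return 1; }
    done
    echo "ok"
}

for entry in "$GOOD" "$WIDE" "$BARE"; do
    check_entry "$entry" || true
done
```

These key options still permit local (`-L`) forwards; setting `AllowTcpForwarding remote` in a `Match User` block of sshd_config for the 'client' user refuses those as well.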
