
Tunnel In Existing SSH Connection

Remote work is a blessing and sometimes a nightmare, depending on your line of work. I’ve been in a situation where I’m connected to a remote workstation but, due to some technicalities, I’m not allowed to disconnect the current SSH[1] connection and/or create a new one. And therein lies the problem: I need to tunnel a service from the remote workstation to my local machine.

So, here’s how I did it!

The real voyage of discovery consists not in seeking new landscapes, but in having new eyes.

— Marcel Proust.

So where do we start?

Once you have an existing SSH session opened using the default OpenSSH[2] client, open a tunnel by simply typing <enter>~C, where <enter> is the Enter key on your keyboard.

~ (tilde) is SSH’s default EscapeChar. You press <enter> first to clear the buffer, then the ~ escape character, followed by one of a number of option characters.

If all goes well, it will bring up a new console associated with your local SSH client, which accepts SSH command flags, including -R and -L.

To map a service on the server to your local workstation, you need to use the -L flag. Its argument has the form [bind_address:]port:host:hostport, where the bind_address is optional.

If you instead want to map a local service and tunnel it to the remote server, you’ll need to use the -R flag. This flag takes arguments similar to those of -L.

For example, suppose I want to forward a website served by Nginx on the remote server and access it locally (with a local bind IP). What I could do is type <enter>~C and then -L 8080:localhost:80<enter>. The first port is the one opened on my local machine, and host:hostport is the destination as seen from the server. After that, I immediately gain access to the site at localhost:8080 on my local machine.
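The [bind_address:]port:host:hostport argument is easy to read the wrong way round, so here is an added example (not code from the original post or from OpenSSH) that parses a -L or -R spec and reports which end listens, which end connects, and whether the listener is exposed beyond loopback. The names Forward, split_fields and explain and the sample specs are assumptions made for the illustration; only the three- and four-field form shown above is handled.

```python
from typing import NamedTuple, Optional

LOOPBACK = {"localhost", "127.0.0.1", "::1"}

class Forward(NamedTuple):
    listen_side: str       # end that opens the listening socket
    connect_side: str      # end that connects to host:hostport
    bind: Optional[str]    # None means bind_address was omitted
    listen_port: int
    dest_host: str
    dest_port: int
    warnings: tuple

def split_fields(spec: str) -> list:
    """Split on ':' while keeping bracketed IPv6 literals ([::1]) whole."""
    fields, cur, in_brackets = [], "", False
    for ch in spec:
        if ch in "[]":
            in_brackets = ch == "["
        elif ch == ":" and not in_brackets:
            fields.append(cur)
            cur = ""
        else:
            cur += ch
    return fields + [cur]

def explain(flag: str, spec: str) -> Forward:
    if flag not in ("-L", "-R"):
        raise ValueError("only -L and -R are handled")
    fields = split_fields(spec)
    if len(fields) not in (3, 4):
        raise ValueError(f"expected [bind_address:]port:host:hostport, got {spec!r}")
    bind = fields.pop(0) if len(fields) == 4 else None
    listen_port, dest_host, dest_port = int(fields[0]), fields[1], int(fields[2])
    if not (0 < listen_port < 65536 and 0 < dest_port < 65536):
        raise ValueError("port out of range")
    warnings = []
    # ssh treats an empty bind_address or '*' as "all interfaces"
    if bind is not None and bind not in LOOPBACK:
        warnings.append("listener is reachable from other hosts")
    if listen_port < 1024:
        warnings.append("listen port below 1024 usually needs root")
    sides = ("client", "server") if flag == "-L" else ("server", "client")
    return Forward(*sides, bind, listen_port, dest_host, dest_port, tuple(warnings))

if __name__ == "__main__":
    # Constructed sample specs, not taken from a real session
    for flag, spec in [("-L", "8080:localhost:80"), ("-L", "80:localhost:8080"),
                       ("-R", "*:9000:localhost:3000"), ("-L", "[::1]:8443:[::1]:443")]:
        print(flag, spec, "->", explain(flag, spec))
```

Running the same check over the output of ~# (list forwarded connections) is a quick way to review what a long-lived session is currently exposing.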

To get a full list of the escape sequences that the OpenSSH client accepts, type <enter>~?:

Supported escape sequences:
 ~.   - terminate connection (and any multiplexed sessions)
 ~B   - send a BREAK to the remote system
 ~C   - open a command line
 ~R   - request rekey
 ~V/v - decrease/increase verbosity (LogLevel)
 ~^Z  - suspend ssh
 ~#   - list forwarded connections
 ~&   - background ssh (when waiting for connections to terminate)
 ~?   - this message
 ~~   - send the escape character by typing it twice

That’s all guys. 🐲

Conclusion

Most command-line tools have flags you probably haven’t explored. So, try to explore each one to become proficient in the platform you are currently working on. Just like programming, you won’t memorize it in a day, but to truly know a tool’s capabilities you must use it in a very dire situation.

This OpenSSH[2] escape sequence is really helpful for DevOps and software engineers (for software development).


  1. SSH or Secure Shell is a cryptographic network protocol for operating network services securely over an unsecured network.
  2. OpenSSH (also known as OpenBSD Secure Shell) is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an unsecured network in a client–server architecture.