🔗
Networking concepts
  • Introduction
  • DNS
    • Introduction
    • DNS query
  • SSH
    • Introduction
    • Basics
    • SSH tunneling
      • Direct SSH tunnel
      • Reverse SSH tunnel
      • Dynamic SSH tunnel
    • SSH public key authentication
    • Port forwarding with virtual interface
    • sshd
    • scp/sftp
  • 🔫Networking tools
    • configuration & information
      • ip
      • netstat/netsh
      • ifconfig/ipconfig/iwconfig
      • arp
      • route
      • ps
      • ss
      • lsof
      • pgrep
      • nmcli
      • Information about services/processes & PID
    • monitoring & troubleshooting
      • ping
      • tracert/traceroute
      • mtr
      • iperf3
    • domain information
      • dig/nslookup
      • whois
      • host
    • capture & analysis
      • tcpdump
      • ngrep
      • wireshark
    • firewall & security
      • iptables
      • nft
    • services
      • dnsmasq
      • hostapd
      • RDP/VNC
      • ngrok
      • networking.service
      • NetworkManager.service
      • nginx
      • apache
      • nfs
    • miscellaneous
      • cURL
      • wget
      • netwox
      • netcat
      • openssl
      • socat
      • ftp
      • smbclient
    • proxy & tunneling
      • proxychains
    • Programming/scripting
      • Python
      • C
  • 🤩Interesting concepts
    • Simple tips & tricks
    • Network hole punching
    • SSH Over HTTPS
  • Network ports & services cheat sheet
    • 20/21/tcp ~ ftp
    • 22/tcp ~ ssh
    • 23/tcp ~ telnet
    • ...
  • For-fun projects
    • Raspberry pi + Windows machine experiments
Powered by GitBook
On this page
  1. SSH
  2. SSH tunneling

Dynamic SSH tunnel

Dynamic SSH tunnel, also known as dynamic port forwarding allows the creation of a SOCKS proxy, allowing traffic to be relayed through the SSH connection. SOCKS, which stands for Socket Secure, is a network protocol that facilitates exchanges of network packets between a client and a server through a proxy server.

Dynamic tunneling is enabled with the -D flag, with the supplied values: [local_address:]local_port

$ ssh user@server -D [local_address:]local_port

To test the configurations, we can use the cURL command with the --socks5 or -x options.

Eg. Suppose we have a remote server at the address 10.10.10.10 (running SSH at default port 22). We want to configure a proxy on our localhost at port 8888, that tunnels and proxies all traffic through the remote server.

$ ssh user@10.10.10.10 -D 127.0.0.1:8888

# Test the configurations
$ curl [destination_addr] --socks5 127.0.0.1:8888
$ curl [destination_addr] -x socks5://127.0.0.1:8888
The source address as seen from the destination address server will be that of 
# the remote server at 10.10.10.10

The source address as seen from the destination address server will be that of the remote server (10.10.10.10).

PreviousReverse SSH tunnelNextSSH public key authentication

Last updated 18 days ago