Port Forwarding in OSX with SSH Tunnel Manager
When you are stuck behind a corporate firewall, it can seem like the end of the world. However, if you can SSH out, then all is not lost. Using port forwarding and SSH tunnels you can achieve pretty much anything you need. In this article we run through how to set up and use SSH Tunnel Manager in OSX to achieve the results you need to be able to administer a CPanel/WHM server or more from within a firewalled environment.
Using SSH Tunnel Manager
Half the problem with SSH Tunnel Manager is that it is buggy and lacks any documentation. I hope in part this article will go towards fixing that, though I am less able to fix any bugs. That being said, it is pretty solid and reliable and barely ever crashes. The real advantage of SSH Tunnel Manager is that you can quickly and easily set up a tunnel with all the required ports without all the hassle of writing all the requisite parts of the command yourself.
Download and install SSH Tunnel Manager
Grab the STM dmg file from the SSH Tunnel Manager web site, double click the file to mount the image and then transfer the app to your hard drive. Then just double click the application to get started. It’s that simple!
Setting Up A Tunnel
When starting the app for the first time, you may see nothing but a menu bar change. If so, go to the "Window" drop menu and select "Show Tunnels", or use Apple Key + T, to open the list.
At the bottom of the tunnels list is a button "Configuration". Click this to open the configuration window. From there below the empty list window on the left, click the + sign.
Configuring A New SSH Tunnel
The basic requirements for the SSH tunnel are as follows:
- Tunnel Name/ID
- User Login
- User Password
- Tunnel Host
- Port (22 by default)
These items are all pretty self-explanatory. Below these you have the local redirections and remote redirections. The local redirections refer to those within the SSH Tunnel host, whilst remote redirections are those reaching for network services outside of the tunnel host. For each of these you need:
- Local Port
- Hostname
- Remote Port
To add a redirect, simply click the + sign next to the respective redirect window and a new line will be added for you to make the appropriate entry. Local Redirects are for those from your computer to another server, for example, port 8090 locally to port 80 on another server. The Remote Redirect is for the reverse, where you wish to redirect traffic from, say, port 8090 on the remote server to port 80 on your computer, securely. An example of those would be:
- Port: 2087 / Remote Host: some.cpanelserver.com / Port: 2087
- Port: 2087 / LAN Host: yourcomputer.com / Port: 2087
Further Configuration Options …
Beyond the basic setup for the port redirects, you may want to also look up the options to auto-connect the tunnel, so that it is invoked every time you start STM, or every time you start the computer if you add STM as a login item. Other options include using STM to handle authentication, compressing the connection, forcing SSH v1, allowing LAN connections, enabling the SOCKS4 proxy protocol (typically on port 1080), and selecting the encryption type, which defaults to 3des, though des and blowfish are available. SSH protocol version 1 and the des cipher are obsolete and weak, so only enable them when an old server leaves no alternative.
If anything, you can simply ignore these additional options and just set up the redirects + other login information, click connect and you are ready to go. These other options are just the icing on the cake and make the configuration of the type of secured connection you need just a little easier.
One great little feature of the options side drawer in STM is the fact that the end generated command is displayed on the fly at the bottom.
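For comparison with the command STM displays, here is an added example (not part of the original article and not STM's own code) that builds an OpenSSH command line from the same fields and rejects malformed redirects. The mapping of fields to the -L, -R and -g flags, the L:/R: spec format and the admin@tunnel.example.com login are assumptions of this example.

```shell
#!/bin/sh
# Added example: turn STM-style tunnel fields into an OpenSSH command line.
# The field-to-flag mapping is this example's assumption, not STM's own output.

# valid_port N: succeeds only for an integer in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# build_tunnel_cmd USER HOST SSH_PORT ALLOW_LAN SPEC...
#   ALLOW_LAN  yes|no  ("allow LAN connections" in the options drawer)
#   SPEC       L:listen_port:hostname:port  (local redirect)
#              R:listen_port:hostname:port  (remote redirect)
# Prints the command on stdout; returns 1 on a malformed field.
build_tunnel_cmd() {
    user=$1 host=$2 ssh_port=$3 allow_lan=$4
    shift 4
    valid_port "$ssh_port" || { echo "bad SSH port: $ssh_port" >&2; return 1; }
    cmd="ssh -N -p $ssh_port"
    # Without -g, pin local listeners to loopback so only this machine can use them.
    if [ "$allow_lan" = yes ]; then cmd="$cmd -g"; bind=""; else bind="127.0.0.1:"; fi
    for spec in "$@"; do
        IFS=: read -r kind lport target rport <<EOF
$spec
EOF
        valid_port "$lport" && valid_port "$rport" && [ -n "$target" ] ||
            { echo "bad redirect: $spec" >&2; return 1; }
        case "$kind" in
            L) cmd="$cmd -L $bind$lport:$target:$rport" ;;
            R) cmd="$cmd -R $lport:$target:$rport" ;;
            *) echo "bad redirect type: $spec" >&2; return 1 ;;
        esac
    done
    echo "$cmd $user@$host"
}

# Constructed sample values, using the redirect examples from the article.
build_tunnel_cmd admin tunnel.example.com 22 no \
    L:2087:some.cpanelserver.com:2087 R:2087:yourcomputer.com:2087
```

With "allow LAN connections" off, the local listener is bound to 127.0.0.1, so other machines on your network cannot reach the forwarded port.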
Automatic Login
If you want to be able to use STM to log in, but don’t wish to have to type in the password every time you click connect, following the instructions in my previous article "Setup Automatic SSH Login with OSX" will do the trick.
Conclusion: Many Ways to Do The Same Thing. Take Your Pick …
Whether running tunnels manually or via SSH Tunnel Manager, there are a plethora of ways to get the kind of secured network access you need. Each is simple enough once you have read the docs and mastered the transaction. So take your pick!
Please note … that there are stiff penalties for using such things in some corporations, for example financial institutions on Wall Street or in the Square Mile, and if you do indeed use tunneling technology you run the risk of being fired. It’s not that the technology is subversive, but it could, as you can see, be used for hiding network traffic that, although potentially innocuous, may at the same time be damaging or criminal.
Find out more info on the SSH Tunnel Manager web site or open up your Terminal.
















