Shell – List open SSH tunnels

shellsshssh-tunnel

I use a lot of SSH tunnels to various servers on my linux machine (for tunnelling to databases, web servers etc) and it would be really handy to view a list of current open tunnels via a shell script.

I can identify local connections via a grep on netstat along the lines of:

netstat -n --protocol inet | grep ':22'

but this won't show me the remote port its connected to (and obviously includes standard SSH connections that aren't tunnelled)

UPDATE: The answers are fine but are not showing me the remote port I'm connected to. E.g I often have a tunnel through to mysql, say localhost:3308 mapping to :3306 on the server. Normally I can guess by the local ports I've chosen but would be nice to have access to both.

Any ideas?

Best Answer

if you only want to list tunnels created by ssh:

% sudo lsof -i -n | egrep '\<ssh\>'
ssh  19749  user  3u  IPv4 148088244   TCP x.x.x.x:39689->y.y.y.y:22 (ESTABLISHED)
ssh  19749  user  4u  IPv6 148088282   TCP [::1]:9090 (LISTEN)
ssh  19749  user  5u  IPv4 148088283   TCP 127.0.0.1:9090 (LISTEN)

(that would be a -L 9090:localhost:80 tunnel)

if you want to see the tunnels / connections made to a sshd:

 % sudo lsof -i -n | egrep '\<sshd\>'
sshd  15767  root  3u  IPv4 147401205   TCP x.x.x.x:22->y.y.y.y:27479 (ESTABLISHED)
sshd  15842  user  3u  IPv4 147401205   TCP x.x.x.x:22->y.y.y.y:27479 (ESTABLISHED)
sshd  15842  user  9u  IPv4 148002889   TCP 127.0.0.1:33999->127.0.0.1:www (ESTABLISHED)
sshd  1396   user  9u  IPv4 148056581   TCP 127.0.0.1:5000 (LISTEN)
sshd  25936  root  3u  IPv4 143971728   TCP *:22 (LISTEN)

the ssh-daemon listens on port 22 (last line), 2 subprocesses are spawned (first 2 lines, login of 'user'), a -R tunnel created on port 5000, and a -L tunnel which forwards a port from my (local) machine to localhost:80 (www).

Related Solutions

PuTTY dynamic port forwarding with access to localhost ports

So you are forwarding 8000 on your local machine to connect to a webserver listening on 127.0.0.1:8000 on your remote machine?

Then you are asking putty to listen on 8000 on your local machine to do the dynamic port forwarding. It won't be able to do both at once.

You could change the dynamic port to something other than 8000 - how about 8001?

So have the Dynamic forward (SOCKS) on 8001, and keep the local port forward from 8000 to 127.0.0.1:8000.

SSH local port forwarding to a website

This technique works, but is not very good for accessing websites since you need to forward a port for each and every domain being accessed. If you load slashdot in chrome and use the developer tools, you can see that when you load slashdot it is actually loading content from at least 21 different domains. If you are only forwarding one domain then you won't see all the content.

Another problem is that you are tunneling to port 80 on a site that is serving content on port 443. If you run "curl -i slashdot.org" you will see that it serves you a 301 redirect to HTTPS. When the browser tries to follow the redirect to HTTPS everything will fail.

You would be better off using ssh as a SOCKS proxy and configuring your browser to use it. You can open a socks proxy on a local port like this:

ssh -D 8080 myhost.com

myhost.com could be "localhost" in your case, but usually is a remote server. Once you have this session open, just go into browser preferences and configure the browser to use a SOCKS v5 proxy pointed at localhost port 8080 (easier to do in firefox than chrome imho). Once that's done the browser will run all of its traffic through the ssh tunnel.

This can be incredibly useful for accessing websites hosted on private networks, or encrypting your data across a network you think is not secure.

Best Answer

Related Solutions

PuTTY dynamic port forwarding with access to localhost ports

SSH local port forwarding to a website

Related Question