Ssh – How to view traffic over a forwarded ssh port

ssh

It is possible to setup an SSH port forward where the ssh client prints out the traffic exchanged over the ssh port to the screen or a file.

I am trying to debug a problem and want to see what is being sent between a java process running on my local machine and a remote process running on Solaris. I am using the port forwarding via ssh so that i can step through the java program. Normally I would have to copy
the .java files to the Solaris machine, build them and run and it is not very productive way to debug, thus the port forwarding. The client and server as using IIOP protocol so I can't use an http proxy to monitor the traffic.

Best Answer

I would cheat and put a couple of netcat's and a tee in the pipeline:

nc -k -l -p $localport -c "tee file.out | nc 127.0.0.1 $portforwardport"

where $localport is an arbitrary port to point your java process at and $portforwardport is your ssh port forward port number. The -k makes the listening netcat stay listening rather than exiting after the first time a client disconnects. The output will end up in file.out on your localhost.

Related Solutions

How to Tunnel Traffic Through Another Machine Over SSH

I don't know if that's what you're looking for, but you can use ssh -D4545 domain.com to open a socks proxy tunnel at port 4545 to the desired machine from your computer.

You can then set up that proxy in your application (say Firefox) and use a plugin to quickly engage and disengage the proxy settings (something like TorButton).

There is one drawback though: when your target host has more than one network device, you cannot control which one will your data take to leave the machine you're tunneling to.

This can be circumvented by installing a normal proxy server on that machine, routing the traffic from, say, localhost:3128 to the desired network interface, and then doing a ssh -L4545:localhost:3128 and pointing all applications to 4545 that ought to use the proxy.

This gives you greater control on the proxy side, as the integrated proxy of SSH is not really configurable.

Ssh – X client forwarded over SSH “cannot open display: localhost:11.0”

This is the very basic way of how it should work:

On the client / local machine (Xorg installed on client) try this:

$ xhost +
access control disabled, clients can connect from any host

Later try:

$ ssh -AY user@host xterm

$ ssh -AX user@host xterm

With non standard clients xhost may be needed.

check 9.3.5.6. Nonstandard X clients

Best Answer

Related Solutions

How to Tunnel Traffic Through Another Machine Over SSH

Ssh – X client forwarded over SSH “cannot open display: localhost:11.0”

Related Question