In cloud environments, you might encounter scenarios where you need to forward traffic securely between hosts. SSH tunneling, also known as port forwarding, is a technique that allows you to create a secure communication tunnel between two hosts over specific ports.
What is SSH Tunneling?
SSH tunneling enables secure access to remote services that are not directly accessible. For instance, you can access a private service on a cloud server through a public host. This approach helps maintain security by keeping sensitive services private.
Example: Accessing Jenkins Dashboard on AWS
Suppose you have Jenkins running on an EC2 instance in AWS, and you want to access its dashboard on port 8080. Using SSH tunneling, you can securely forward traffic from your local machine to the Jenkins instance.
Pre-requisites:
- Ensure the Jenkins EC2 instance allows TCP traffic on port 8080 and HTTP traffic in its security group.
- Have the access key for the Jenkins EC2 instance.
Command to Create the Tunnel:
ssh -i <access-key> -L <your-host-port>:<Jenkins-ip>:<Jenkins-port> <public-Jenkins-instance>
Example:
ssh -i "myKey.pem" -L 4040:localhost:8080 ubuntu@ec2
Explanation of Flags:
- -i: Includes the access key file required for authentication.
- -L: Specifies the local port (4040), remote host (localhost or the private IP of Jenkins), and remote port (8080) for the tunnel.
- localhost: Refers to the Jenkins instance. SSH forwards traffic to port 8080 on the Jenkins EC2 instance.
Accessing Jenkins Locally
After running the command, open your browser and navigate to http://localhost:4040. You should see the Jenkins dashboard, as traffic on port 4040 of your machine is securely forwarded to port 8080 on the EC2 instance.
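A hardened variant of the tunnel command, together with a check that the local listener on port 4040 stays on loopback, as an added example that is not part of the original post. The function names and the sample `ss -ltn` output are constructed for illustration; `-N`, `ExitOnForwardFailure` and the bind-address prefix to `-L` are standard OpenSSH options.

```shell
#!/bin/sh
# Added example, not from the original post. Key, host and port values are the
# article's samples; the function names are hypothetical.

# Print the article's tunnel command with three hardening options added:
#   127.0.0.1:<port>          bind the local listener to loopback explicitly
#   -N                        forward only, no remote shell
#   ExitOnForwardFailure=yes  exit if the local port cannot be bound
tunnel_cmd() {  # args: key local_port target_host target_port user@host
  for p in "$2" "$4"; do
    case $p in
      ''|*[!0-9]*) echo "invalid port: $p" >&2; return 2 ;;
    esac
    if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
      echo "port out of range: $p" >&2; return 2
    fi
  done
  printf 'ssh -i "%s" -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:%s:%s %s\n' \
    "$1" "$2" "$3" "$4" "$5"
}

# Read `ss -ltn` output on stdin; print each non-loopback address listening on
# the given port. Returns 0 if the forward is local-only, 1 if it is exposed.
exposed_listeners() {  # arg: local_port
  awk -v want="$1" '
    $1 == "LISTEN" {
      n = split($4, part, ":")            # port is the field after the last colon
      port = part[n]
      addr = substr($4, 1, length($4) - length(port) - 1)
      if (port == want && addr !~ /^127\./ && addr != "[::1]") {
        print addr
        bad = 1
      }
    }
    END { exit bad + 0 }
  '
}

# Constructed samples of `ss -ltn` output (not captured from a real host).
SS_LOOPBACK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128        127.0.0.1:4040      0.0.0.0:*
LISTEN 0      128            [::1]:4040         [::]:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*'
SS_EXPOSED='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:4040      0.0.0.0:*
LISTEN 0      128             [::]:4040         [::]:*'
```

With the tunnel up, `ss -ltn | exposed_listeners 4040` should print nothing. Any address it prints means the forwarded Jenkins port is reachable from other hosts, which happens when `-g`, `GatewayPorts yes` in the client configuration, or a `0.0.0.0:` bind address is in use.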
Conclusion
By leveraging SSH tunneling, you can securely access remote services like Jenkins dashboards without exposing them to the public internet. This technique is versatile and applicable to many cloud-based workflows.