commit 367a07c7f3362ba0357fb5ab0ac4766827c4048e
parent d73fa9319c094102e828a38b35d937c71e3e610f
Author: pyratebeard <root@pyratebeard.net>
Date: Wed, 1 Feb 2023 16:15:26 +0000
exit..._ssh_left
Diffstat:
1 file changed, 40 insertions(+), 0 deletions(-)
diff --git a/entry/exit..._ssh_left.md b/entry/exit..._ssh_left.md
@@ -0,0 +1,40 @@
+The [ssh](TK){target="_blank" rel="noreferrer"} command isn't only for accessing a shell on remote systems. It can also be used to tunnel traffic or view remote web applications without having to mess around with firewalls.
+
+As an example, the other day I installed [Grafana](TK){target="_blank" rel="noreferrer"} on a Linux server in the cloud. To quickly view the web UI on my local machine I can use `ssh` with the `-L` option to forward a local port to the Grafana port (default: 3000) on my server
+```
+ssh -L 3000:server:3000 server
+```
+
+Navigating to localhost:3000 in my browser gives me access to Grafana. This is great except I have to leave a terminal open for the `ssh` session. Adding the `-N` option tells `ssh` not to run a remote command, if you try this the connection will open but you won't get a prompt on the server. Also adding the `-f` option puts `ssh` into the background, freeing up the terminal
+```
+ssh -NfL 3000:server:3000 server
+```
+
+In order to close the connection you will have to find the PID then kill it. Not very eloquent. My preference is to use the `ControlMaster` option in my ~/.ssh/config, something that I use for sharing `ssh` connections (see my [ssh-aring is caring](20220116-ssh-aring_is_caring.html){target="_blank" rel="noreferrer"} post).
+
+By adding the `ControlMaster` and `ControlPath` options into ~/.ssh/config allows `ssh` to manage these connections. You can use the `-O` option to pass control commands (`ctl_cmds`)
+```
+ssh -O check server
+Master running (pid=1511266)
+```
+
+You can also look in the path specified by `ControlPath` to see the sockets. Closing the background connection is now clean and tidy
+```
+ssh -O exit server
+```
+
+For port forwarding connections that I use regularly I add the options into ~/.ssh/config, making my life easier. For the example above I would add
+```
+Host server
+ HostName server
+ LocalForward 3000 server:3000
+ ForkAfterAuthentication yes
+ SessionType none
+```
+
+Now I can incant
+```
+ssh server
+```
+
+This opens the connection and puts it into the background allowing me to continue with my local terminal session and view Grafana on my remote server.