20230201-exit..._ssh_left.md (2215B)
1 The [ssh](https://en.wikipedia.org/wiki/Secure_Shell){target="_blank" rel="noreferrer"} command isn't only for accessing a shell on remote systems. It can also be used to tunnel traffic or view remote web applications without having to mess around with firewalls. 2 3 As an example, the other day I installed [Grafana](https://grafana.com/){target="_blank" rel="noreferrer"} on a Linux server in the cloud. To quickly view the web UI on my local machine I can use `ssh` with the `-L` option to forward a local port to the Grafana port (default: 3000) on my server 4 ``` 5 ssh -L 3000:server:3000 server 6 ``` 7 8 Navigating to localhost:3000 in my browser gives me access to Grafana. This is great except I have to leave a terminal open for the `ssh` session. Adding the `-N` option tells `ssh` not to run a remote command, if you try this the connection will open but you won't get a prompt on the server. Also adding the `-f` option puts `ssh` into the background, freeing up the terminal 9 ``` 10 ssh -NfL 3000:server:3000 server 11 ``` 12 13 In order to close the connection you will have to find the PID then kill it. Not very eloquent. My preference is to use the `ControlMaster` option in my ~/.ssh/config, something that I use for sharing `ssh` connections (see my [ssh-aring is caring](20220116-ssh-aring_is_caring.html){target="_blank" rel="noreferrer"} post). 14 15 By adding the `ControlMaster` and `ControlPath` options into ~/.ssh/config allows `ssh` to manage these connections. You can use the `-O` option to pass control commands (`ctl_cmds`) 16 ``` 17 ssh -O check server 18 Master running (pid=1511266) 19 ``` 20 21 You can also look in the path specified by `ControlPath` to see the sockets. Closing the background connection is now clean and tidy 22 ``` 23 ssh -O exit server 24 ``` 25 26 For port forwarding connections that I use regularly I add the options into ~/.ssh/config, making my life easier. For the example above I would add 27 ``` 28 Host server 29 HostName server 30 LocalForward 3000 server:3000 31 ForkAfterAuthentication yes 32 SessionType none 33 ``` 34 35 Now I can incant 36 ``` 37 ssh server 38 ``` 39 40 This opens the connection and puts it into the background allowing me to continue with my local terminal session and view Grafana on my remote server.