Home / server / Questions / 1001571
Accepted
user99201
Asked: 2020-02-04 07:49:11 +0800 CST

Check if SSH tunnel is still running

  • 772

I'm running an SSH tunnel command that looks like this:

ssh -v [email protected] -L 9999:10.238.93.43:8991

But when I test listening connections with the netstat command I don't see the tunnel port:

bastion001 ABB-LAB] 0 15:45:16 [~] $ netstat -tulpn | grep -i listen
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -
tcp6       0      0 ::1:25                  :::*                    LISTEN      -
tcp6       0      0 :::111                  :::*                    LISTEN      -
tcp6       0      0 :::8080                 :::*                    LISTEN      1078/java
tcp6       0      0 :::80                   :::*                    LISTEN      -
tcp6       0      0 :::8081                 :::*                    LISTEN      1078/java
tcp6       0      0 :::22                   :::*                    LISTEN      -

What's going on here? Why can't I see the tunnel port?

ssh-tunnel

1 Answers

  1. Best Answer

    Listening ports can only been seen from the machine that initiated the SSH Tunnel. Your command logs you into the remote system interactively. Consider the command following for better visibility:

    ssh -nNf [email protected] -L 9999:10.238.93.43:8991

    Once the tunnel is up, then execute the following command from client machine that initiated the tunnel:

    netstat -tulpn | grep -i listen

    You should get something like this:

    tcp     0    0 127.0.0.1:9999       0.0.0.0:*      LISTEN      1286/ssh
tcp     0    0 ::1:9999              :::*           LISTEN      1286/ssh

    Both lines in the results show 9999 as the listening port from client side. You will not be able to get same results from the server side.

    • 2