I have created a web service running on a protected server (CentOS, 123.123.123.123:8192). We can only log in to the web server via SSH from a jump server (say 111.111.111.111). I can log in to the web server via SSH (first log in to the jump server, then jump to the web server). Now I want to make an HTTP request to the web server. How do I set up the SSH tunnel to make it work? Or, if the current limitations make that impossible, what is the most secure way to open a door to make it possible?
Other limitations:
- the web server can only access the database; other outbound data is disabled (no yum, no ping, etc.)
- the jump server's SSH server listens on a redefined port, say 32220.
- the user names of the web server (ws) and the jump server (js) are different.
then access http://localhost:8192/

What this does is:
- -L = Listen on a local port (where the ssh client is running)
- 8192 = Listen on port 8192
- 192.0.2.3:8192 = When a connection comes in to 8192 to the ssh client, forward that across the SSH tunnel and connect out to 192.0.2.3:8192
- 198.51.100.7 is the normal "server you want to ssh to"
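
The forwarding described above, applied to the question's placeholder hosts, ports and user names, as an added example that is not part of the original answer. It builds two variants: the `-L` forward through the jump server, and an OpenSSH `-J` (ProxyJump, 7.3+) form that keeps the traffic inside SSH all the way to the web server. The function and variable names are made up for illustration.

```shell
#!/bin/sh
# Added example. All values are the question's placeholders; names are illustrative.
JUMP_HOST=111.111.111.111; JUMP_PORT=32220; JUMP_USER=js
WEB_HOST=123.123.123.123;  WEB_PORT=8192;   WEB_USER=ws
LOCAL_PORT=8192

# -N: no remote shell, forwarding only.
# ExitOnForwardFailure: fail instead of running without the forward.
COMMON_OPTS="-N -o ExitOnForwardFailure=yes"

# Accept only a decimal TCP port in 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

ports_ok() {
    valid_port "$JUMP_PORT" && valid_port "$WEB_PORT" && valid_port "$LOCAL_PORT"
}

# Variant A: SSH session ends on the jump server, which then opens a plain
# TCP connection to the web server. That last leg is unencrypted HTTP and
# only works if the jump server is allowed to reach WEB_HOST:WEB_PORT.
tunnel_via_jump() {
    ports_ok || return 1
    echo "ssh $COMMON_OPTS -p $JUMP_PORT -L 127.0.0.1:$LOCAL_PORT:$WEB_HOST:$WEB_PORT $JUMP_USER@$JUMP_HOST"
}

# Variant B: -J hops through the jump server and the SSH session ends on the
# web server. The forward target 127.0.0.1 is resolved on the web server, so
# only SSH has to be reachable between the two hosts. If the service is bound
# to another address only, put that address in place of the second 127.0.0.1.
tunnel_end_to_end() {
    ports_ok || return 1
    echo "ssh $COMMON_OPTS -J $JUMP_USER@$JUMP_HOST:$JUMP_PORT -L 127.0.0.1:$LOCAL_PORT:127.0.0.1:$WEB_PORT $WEB_USER@$WEB_HOST"
}

# Both variants bind the local listener to 127.0.0.1, so other machines on
# the client's network cannot use the tunnel.
# Usage: sh tunnel.sh via-jump | end-to-end   (no argument: do nothing)
case "${1:-}" in
    via-jump)   cmd=$(tunnel_via_jump)   && exec $cmd ;;
    end-to-end) cmd=$(tunnel_end_to_end) && exec $cmd ;;
esac
```

With either tunnel up, the service answers on http://localhost:8192/ from the machine running the ssh client.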