
So hello, I am hosting a web server on my home server, and I would like to access it globally, so my idea was to set up an SSH tunnel. The setup is as follows: my home server has a web server on port :8080, and my remote server, which is accessible globally, is stream.domain.dn (it's a wildcard domain). I would like to host it there, or forward it there. My Apache server is set up as follows:

<VirtualHost *:80>
        ServerName stream.domain.dn
        ServerAlias www.stream.domain.dn
        DocumentRoot /www/test1
        RewriteEngine on
        RewriteCond %{SERVER_NAME} =www.stream.domain.dn [OR]
        RewriteCond %{SERVER_NAME} =stream.domain.dn
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

So far it's hosting an .html website for testing the SSL cert, and it works fine. How do I set up Apache to get it to host my SSH tunnel here? I tried ssh -L 80:localhost:8080 -N picaica@the-ip-of-mu-server but I always get the error

bind [127.0.0.1]:80: Permission denied
channel_setup_fwd_listener_tcpip: cannot listen to port: 80

So I am not sure what to do, and yes, I am using bind for name resolution. What is the best way to use an SSH tunnel?

1 Answer


It seems you've mixed up the order of things in the forwarding option. The error message was caused by the SSH client's attempt to listen on port 80. Since this is a privileged port (<1024), and you probably didn't run the ssh client as root and don't have the CAP_NET_BIND_SERVICE capability, you are not allowed to listen on this port.

The format of the forwarding option for the TCP case is:

-L [<local IP>:]<local port>:<remote IP or host name>:<remote port>

The SSH client will listen locally on the local port, and the SSH server will connect to remote IP:remote port.

To forward local port 8080 as if it was the remote 80, you need to use the command

ssh user@remote -L 1234:localhost:80

Then, connecting to the local port 8080 (e.g. run a browser where you are running the SSH client and point it to http://localhost:1234) will end up talking to port 80 on the remote, where your real web server is running.


Or, you can use reverse forwarding. Use it in the following way:

-R [<remote IP>:]<remote port>:<local IP>:<local port>

In this case, the SSH server will listen on remote IP:remote port and the SSH client will connect to local IP:local port. (To listen on a non-localhost IP on the remote, you need to enable non-local bind in the SSH server configuration.)

E.g. from the web server you connect:

ssh user@remote -R 1234:localhost:80

Then on the remote you run the browser and point it to http://localhost:1234; it will end up connecting to the local port 80, where the web server is listening.
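
An added example, not part of the original answer and not OpenSSH's own code: a POSIX shell helper (hypothetical name explain_forward) that parses a -L or -R spec in the format given above and reports which side listens, and whether the listening port is privileged (the cause of the error in the question) or the bind address is non-loopback. It assumes specs without bracketed IPv6 addresses; the sample specs at the bottom are constructed from the question's ports.

```shell
#!/bin/sh
# Added example. explain_forward is a hypothetical helper, not an ssh feature.
# Assumption: spec is [bind:]port:host:hostport without bracketed IPv6.
explain_forward() {
    mode=$1 spec=$2
    case $mode in
        -L) listener=client connector=server ;;
        -R) listener=server connector=client ;;
        *)  echo "error: mode must be -L or -R"; return 2 ;;
    esac
    # Split the spec on ':' into positional parameters (globbing off).
    old_ifs=$IFS; IFS=:; set -f
    set -- $spec
    set +f; IFS=$old_ifs
    case $# in
        3) bind=loopback; port=$1; host=$2; hostport=$3 ;;
        4) bind=${1:-*}; port=$2; host=$3; hostport=$4 ;;
        *) echo "error: expected [bind:]port:host:hostport"; return 2 ;;
    esac
    for p in "$port" "$hostport"; do
        case $p in
            ''|*[!0-9]*) echo "error: ports must be numeric"; return 2 ;;
        esac
    done
    notes=
    # Listening below 1024 needs root or CAP_NET_BIND_SERVICE on that side.
    if [ "$port" -lt 1024 ]; then notes=privileged-port; fi
    case $bind in
        loopback|localhost|127.0.0.1) ;;
        *)  # Reachable from other hosts; for -R sshd must allow it (GatewayPorts).
            notes=${notes:+$notes,}non-loopback-bind
            if [ "$mode" = -R ]; then notes=$notes,needs-GatewayPorts; fi ;;
    esac
    echo "listener=$listener bind=$bind port=$port target=$host:$hostport connector=$connector notes=${notes:-none}"
}

# The command from the question, then a reverse forward on an unprivileged port.
explain_forward -L 80:localhost:8080
explain_forward -R 8080:localhost:8080
```

A non-loopback bind on the listening side exposes the forwarded service to other hosts, so the default loopback bind is the safer choice when a local reverse proxy fronts the tunnel.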