Linux Tools, Utilities, and Other Services

This document provides basic tools and algorithms for use with data science and machine learning tasks in Python.

Andrew L. Mackey

Overview

The following information is useful for various tasks to be performed in a Linux environment.

 

SSH Tunneling and Port Forwarding

It is generally preferred to have data encrypted when traveling across networks. One method for accomplishing this task is to tunnel traffic through an SSH connection between the client and some SSH server that has access to the destination server. The SSH server may also be the destination server.

Let’s consider an example. The client is your personal computer, which refers to itself as 127.0.0.1 (localhost). The destination is a web server running on port 80 behind a firewall at address 10.0.0.50. Your computer cannot access this server directly. However, your computer can reach an SSH server at 20.20.20.20 on port 22, and that server has direct access to the destination web server (10.0.0.50). Our goal is to connect to the SSH server (20.20.20.20) and tunnel a connection between the client (127.0.0.1) and the destination (10.0.0.50).

First, we pick a port to use on the client; connections made to that port locally will be forwarded to the destination. We will simply pick port 3000. This means we will map 127.0.0.1:3000 to 10.0.0.50:80. We specify the -L option to denote local port forwarding.

ssh -L [localaddr]:[localport]:[destaddr]:[destport] [user]@[sshserveraddr] -p [sshport]

For our example, we will use the following command:

ssh -L 127.0.0.1:3000:10.0.0.50:80 someuser@20.20.20.20 -p 22

Example 1: Connect to Internal Server Through External Server

For this scenario, it is assumed that you have access to a server that has an external IP address. You can connect to the external server to reach the internal server. We will build a tunneled connection between your computer and the internal server by connecting through the external server.

Example diagram 1 of SSH tunneling

Once the tunnel is established, a program on your local computer can connect to localhost (127.0.0.1) on port 3000, and the connection will be forwarded to the internal server on the private network at 192.168.10.51 on port 3306.

Example 2: Connect to Port on Server Restricted by External Firewall

For this scenario, you want to access a service on an external server that is blocked to external users. However, the service is available for anything that is running locally on the external server. We can implement tunneling to map a port running on your local computer to a port on the external server.

Example diagram 2 of SSH tunneling

Once the tunnel is established, a program on your local computer can connect to localhost (127.0.0.1) on port 3000, and the connection will be forwarded to the external server on the private network on port 3306.
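
The three tunnels described above, as an added example that is not part of the original page: the script prints (and never runs) an ssh -L command for the walkthrough and for Examples 1 and 2, listening on loopback only. The helper names, the -N and ExitOnForwardFailure options, and the host external.example are assumptions; the page's text does not show the commands for Examples 1 and 2, so those two are constructed from the addresses it gives.

```shell
#!/bin/sh
# Added example: builds and prints (never runs) an "ssh -L" command line.

# is_port N: succeeds when N is an integer in 1..65535.
is_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# tunnel_cmd LOCALPORT DESTADDR DESTPORT USER@SSHSERVER [SSHPORT] [LOCALADDR]
tunnel_cmd() {
    lport=$1 daddr=$2 dport=$3 target=$4 sport=${5:-22} laddr=${6:-127.0.0.1}

    is_port "$lport" && is_port "$dport" && is_port "$sport" || {
        echo "error: ports must be integers in 1-65535" >&2; return 2; }

    # Listen on loopback only, so other hosts on the client's network
    # cannot connect to the forwarded port.
    case "$laddr" in
        127.0.0.1|localhost) ;;
        *) echo "error: refusing non-loopback listen address: $laddr" >&2; return 3 ;;
    esac

    [ -n "$daddr" ] || { echo "error: empty destination" >&2; return 4; }
    # A target that is empty or starts with "-" would be read by ssh as an option.
    case "$target" in ''|-*) echo "error: bad ssh target" >&2; return 4 ;; esac

    # -N: open the forward without running a remote command.
    # ExitOnForwardFailure=yes: exit if the local port cannot be bound,
    # rather than leaving a session open with no working tunnel.
    printf 'ssh -N -o ExitOnForwardFailure=yes -L %s:%s:%s:%s -p %s %s\n' \
        "$laddr" "$lport" "$daddr" "$dport" "$sport" "$target"
}

# Walkthrough from the text: client port 3000 -> 10.0.0.50:80 via 20.20.20.20.
tunnel_cmd 3000 10.0.0.50 80 someuser@20.20.20.20

# Example 1: internal server 192.168.10.51:3306 through the external server.
# "external.example" is a placeholder; the page does not give that address.
tunnel_cmd 3000 192.168.10.51 3306 someuser@external.example

# Example 2: DESTADDR is resolved by the SSH server, not the client, so
# 127.0.0.1 here is the external server's own loopback interface.
tunnel_cmd 3000 127.0.0.1 3306 someuser@external.example
```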