Connect to server using ssh with -L flag?

johntdavis · July 4, 2020, 7:48pm

Hello!

I'm a long-time user of Core Shell through Setapp. I've really enjoyed it; without a doubt it's the nicest SSH client I've ever used.

Question: How do I issue a custom ssh -L command to a saved host in Core Shell?
I cannot figure out how to specify arguments to the -L flag when I'm saving host in Core Shell. Please help.

I need to set a saved host to do this when it connects:

ssh user@Server -L localPort:localHost:serverPort

Scenario:

There is a service on my Server listening at port 601 for a local connection from inside the Server. It does not accept remote connections.
Using the -L flag, I ssh in to Server, specifying that port 100 on my Local Machine forwards to port 601 on Server.
Then, on the Local Machine, I open Application, and point it at port 100 on Local Machine, which is forwarded over SSH to port 601 on Server.

This all works, but I have to do it in Apple's Terminal.app.

yang · July 5, 2020, 2:15am

Hi John, Core Shell doesn't provide direct means to create port forwarding, I suggest two alternatives:

Go and get Core Tunnel from App Store, and copy then paste the host from Core Shell, at last create a local port forwarding.
Edit your ~/.ssh/config file, and add a LocalForward directive for the host.

Let me know if you need assistance.

Yang

johntdavis · July 6, 2020, 10:34pm

Yang,

Hello! Thank you for your message. CoreShell is the best terminal app I’ve used on a Mac, and now I can add excellent technical support to the reasons why.

I think I’ll go with option 2 for now. I’ve read some help files for LocalForward, and I’m going to try setting up the config file soon. Am I correct that the argument for the LocalForward direct is the same argument I’d pass to the -L flag on the command line?

Thanks again!

John.

yang · July 7, 2020, 1:50am

Not exactly the same, here is an example for you:

Host Server
  LocalForward 0.0.0.0:100 localhost:601

Since port 100 is a privileged port, you HAVE TO set bind address to 0.0.0.0, please read this post for more details about privileged port:

johntdavis · July 14, 2020, 11:33pm

@yang: Thanks again!

I chose bad hypothetical values, it seems. I didn't realize port 100 was privileged when I wrote my OP. I'm actually somewhere up in the thousands.

In case it's helpful to anyone else, I ended up doing this:
Host Server
LocalForward PortOnServer 127.0.0.1:PortOnClientMachine

If I just use "localhost" instead of the IPv4 address, is ssh smart enough to use the device's IPv6 address if available? (All the machines on my local LAN have IPv6 addresses).

yang · July 16, 2020, 2:38pm

It depends on operating system implementation if you do not force ssh chooses one.

I didn't do any test on it, but according a cite in this article, macOS would prefer IPv6 address:

Mac OS X prefers IPv6 if a DNS query results in IPv4 and IPv6 addresses being sent back (A and AAAA RRs).

You can enable debug log to confirm this, Core Shell would print actual IP address on connecting:

johntdavis · July 21, 2020, 2:36am

I got distracted for a while from trying this, and I guess I have my dunce cap on.

I've verified the VNC server is listening, but the LocalForward does not seem to be working.
It's not showing up as an open port when I portscan my localhost address.

theHost has a static IP from my router.
LocalPort is over 1000.

I've got this:

Host theHost
HostName 192.168.1.99
LocalForward localhost:localPort 192.168.1.10:5901

What am I doing wrong? Do I need to restart the Mac? I terminated the SSH connection and reconnected, but with no effect.

Thanks again for your help.

yang · July 22, 2020, 12:54am

Hi John, please try changing your config to this:

Host 192.168.1.99
LocalForward localhost:localPort 192.168.1.10:5901

If you still could not make it to work, please enable logging and send me the log output: