ssh port forwarding with custom host name
So now I can enter http://localhost:1234 in my browser to access the remote host’s web server. What I want to do now is use a name other than localhost. For example, is it possible to invoke ssh with some argument such that I can enter http://remotealias:1234 in my browser to access the remote web server? This is particularly useful when I’m running other services in my local machine on port 1234 at the same time (and don’t want to remember many port:host tunnel mappings). If it’s not possible with the ssh command alone, I’m also interested in solutions that require editing some local configuration in my machine to make it work as described.
Have you tried to use SOCKS5 on your browser? ssh -D 1234 user@remotehost then configure SOCKS in your browser.
3 Answers 3
Yes; You could make an IP per host on your local box
ip address add 122.0.0.2/32 dev eth0 ip address add 122.0.0.3/32 dev eth0 echo "127.0.0.2 remotehost1.com" >> /etc/hosts echo "127.0.0.3 remotehost2.com" >> /etc/hosts then forward each IP to the hosts IP (direct access via domain would be broken by the hosts file change)
ssh user@$remotehost1_IP -L 127.0.0.2:80:localhost:1234 ssh user@$remotehost2_IP -L 127.0.0.3:80:localhost:1234 then use your web browser like normal
http://remotehost1.com http://remotehost2.com This will tunnel each remote fqdn through its own ssh tunnel, on it’s own local ip.
I’m still confused about what this is actually doing. What is the first command doing? And, did you mean remotealias in the second command? echo «172.0.0.2 remotealias» >> /etc/hosts
I think your answer should work. I don’t know much about networking, but what’s the criterion to create the IP addresses in the first command ip address add ? My local address starts with 10. and uses a different subnet mask. Should I add a similar address with the same mask?
@MeiZhang: The first command didn’t get edited, it should be ip addr add 127.0.0.2/32 dev lo etc. instead. You are creating additional loopback addresses, which are independent from your «local address». And your local address is on some subnet, so definitely don’t use variations of that. Multiple IPv4 addresses on an interface can work, but there are situations where they can lead to trouble, because programs without binding could pick a random address out of all available ones, which is sometimes not what you want. Another option would be to add a dummy interface.
ssh user@a.company.com -L 1234:localhost:5678 on host b.company.com, the following happens:
- On host B, ssh starts to listen on port 1234.
- On host A, a connection is made to localhost (that is, host A again) on port 5678.
- Traffic on those two endpoints is forwarded over the ssh connection between A and B.
So the end result is that you can access port 5678 on host A by using port 1234 on host B.
The reason you have to type localhost is because host A can also be a «jump server», i.e. an entrance point into some protected network. So if you can’t access host C directly from host B, but you can access host A from host B, and host C from host A, you can do
ssh user@a.company.com -L 1234:c.company.com:5678 which will establish connections between host B and A, and between host A and C, and tunnel port 5678 on host C to port 1234 on host A.
This has two consequences:
- If you are already using port 1234 on your client (host B) for other services, you can’t use it for tunneling. You need to use a different port (but there’s plenty to choose from).
- In your browser, you’ll always connect to the local endpoint of the tunnel, i.e. localhost . Assigning names to remote hosts won’t change this.
So no, what you want doesn’t work this way.
In case it wasn’t clear enough: You can very easily use different port numbers to you are already running local services. So assume you have hosts A, B and C which you want to reach this way, they all have services on port 80, and you are running your own web server on port 80. Then you do
ssh user@hosta -L 5000:localhost:80 ssh user@hostb -L 5001:localhost:80 ssh user@hostc -L 5002:localhost:80 and you can access them now in your browser by typing http://localhost:5000 , http://localhost:5001 , and http:/localhost:5002 . And http://localhost:80 will still access your own local server.
There’s no real need for complicated constructions which involve assigning yourself lots of IP addresses, or remotealiases.
Mapping Hostnames with Ports in /etc/hosts
The /etc/hosts file is a simple text file used to map hostnames to IP addresses. It is used to resolve hostnames to IP addresses, bypassing the need for a DNS server. Each line in the file represents a single mapping, with the IP address followed by one or more hostnames separated by spaces.
You can map hostnames with ports by specifying the hostname followed by the port number, separated by a colon. For example, to map the hostname «example.com» to the IP address «192.168.0.1» on port 80, you would add the following line to the /etc/hosts file −
This will cause the hostname «example.com:80» to resolve to the IP address «192.168.0.1». When you use this hostname in a web browser, it will be directed to the IP address on port 80, you can use similar for other ports as well.
Keep in mind that this is a local mapping, which means it only affects the device on which the hosts file is modified and it will not affect other devices on the network.
The Hosts File
The hosts file is a simple text file that maps hostnames to IP addresses. It is used to resolve hostnames to IP addresses, bypassing the need for a DNS server. The file is located on most computers at the path /etc/hosts (on Windows it is located in c:\Windows\System32\drivers\etc\hosts) and can be edited by anyone with access to the file.
Each line in the file represents a single mapping, with the IP address followed by one or more hostnames separated by spaces. For example, to map the hostname «example.com» to the IP address «192.168.0.1», you would add the following line to the hosts file −
When you type «example.com» into a web browser, the computer will first check the hosts file before making a DNS request. If it finds a match, it will use the IP address specified in the hosts file. This can be useful for testing websites on a local development machine or for blocking unwanted websites by redirecting them to a non-existent IP address.
It’s important to note that the hosts file is a local file and changes made to it will only affect the computer on which it is modified. This means that it is not a global solution for things like blocking unwanted websites, and will not affect other devices on the network.
Adding a Port Number
You can add a port number to a hostname in the hosts file by specifying the hostname followed by a colon and the port number. For example, to map the hostname «example.com» to the IP address «192.168.0.1» on port 80, you would add the following line to the hosts file −
This will cause the hostname «example.com:80» to resolve to the IP address «192.168.0.1». When you use this hostname in a web browser, it will be directed to the IP address on port 80.
It’s important to note that most applications and browsers will not automatically use the port number specified in the hosts file. You will need to include the port number in the URL when accessing the website. For example, instead of typing «example.com» into the browser, you would need to type «example.com:80».
Also, keep in mind that the hosts file is a local file and changes made to it will only affect the computer on which it is modified. This means that it is not a global solution for things like redirecting traffic to a specific port, and will not affect other devices on the network.
Using a Reverse Proxy
A reverse proxy is a server that sits in front of one or more web servers and acts as a gateway for client requests. The reverse proxy receives the incoming request from the client, forwards it to the appropriate web server, and then sends the web server’s response back to the client.
One of the main benefits of using a reverse proxy is that it can provide additional functionality such as load balancing, SSL termination, and caching. It can also hide the existence and characteristics of the backend servers from the outside world, providing an additional layer of security.
When using a reverse proxy, the client sends a request to the reverse proxy’s IP address and port, instead of the IP address and port of the backend web server. The reverse proxy then uses the information in the request to determine which backend server should handle the request, and forwards the request to that server. The backend server processes the request and sends the response back to the reverse proxy, which then sends the response back to the client.
Reverse proxies can be configured to route requests based on the hostname or path of the request, the client IP address, or other criteria. They can also be used to route requests to different backend servers based on the type of request (e.g., static vs dynamic content).
Popular open-source reverse proxy servers are Nginx and Apache, both of them also have the capability to add port number in the proxy rule and route the request based on the port number.
It’s important to note that, setting up and configuring a reverse proxy requires knowledge of server administration and web server configuration.
Conclusion
In conclusion, the /etc/hosts file is a simple text file used to map hostnames to IP addresses, bypassing the need for a DNS server. It can be edited to include a port number by specifying the hostname followed by a colon and the port number. However, changes made to the hosts file are only local, and will only affect the computer on which it is modified.
A reverse proxy is a server that sits in front of one or more web servers and acts as a gateway for client requests. It can provide additional functionality such as load balancing, SSL termination, and caching. It can also hide the existence and characteristics of the backend servers from the outside world, providing an additional layer of security. Reverse proxies can be configured to route requests based on hostname, path, client IP address, or other criteria. They can also be used to route requests to different backend servers based on the type of request.
Can I map a IP address and a port with /etc/hosts?
So that when I hit testdev.com , it refers 127.0.0.1:8000 . I tried the above one, but it doesn’t work. Any other alternative way to achieve this?
What David Postill says is correct, but if you are really hoping to get rid of the 8000 port for local testing you might want to investigate setting up a reverse proxy via Apache or Nginx. That is the most common and accepted way to map a port-based address like 127.0.0.1:8000 to testdev.com .
4 Answers 4
Can I map a IP address and a port with /etc/hosts
The /etc/hosts file is part of your system’s domain name resolver (it will check this file, then check DNS).
The resolver’s job is to convert text domain names to an IP address, not an IP address + port.
Some applications like Minecraft support checking a DNS server’s SRV record and can use a port number from that, but again, this is dependent on the program’s behavior and can’t be done from your /etc/hosts file.
I’d like to map 127.0.0.1:8000 to testdev.com
What @Giacomo1968 said in the comments says is what you need to do.
This solution worked for me with nginx
If you are using nginx you can use Nginx as reverse proxy and do something like this below
For more information regarding the above method check this here
For window users
I found this solution from stackoverflow here
As Lawrence has already said it is not possible through /etc/hosts but you can set a reverse proxy in order to achieve it using nginx or apache . I had the same problem in the past so I made this tool to achieve this with a /etc/hosts syntax: https://github.com/cristianoliveira/ergo
The solution that worked for me using apache was first to modify my apache config like this:
Web Server Config
ServerName testdev.com ServerAdmin webmaster@localhost DocumentRoot /var/www/testdev.com/public AllowOverride All Options Indexes FollowSymLinks Require all granted ErrorLog $/error.log CustomLog $/access.log combined # vim: syntax=apache ts=4 sw=4 sts=4 sr noet And dont forget to restart apache after you’ve modified any config file. Notice the ServerName Directive has been set to the domain name you want to use, and the VirtualHost *:80 is set to 80. This will direct all requests from your browser that hit your domain name on port 80 to this virtual host configuration.
Now you have to modify your hosts file as below:
127.0.0.1 localhost 127.0.0.1 testdev.com Now head to your browser and type in testdev.com this will direct you to your web app