How To: Easy Mac OSX SSH Tunnel Tutorial using Terminal CLI
Creating SSH tunnels using a Windows PC with Putty SSH client is easy but what happens if you are using an Apple computer with Mac OS X. Well that is also just as easy, I documented step by step instructions for Mac users to establish a SSH tunnel between Mac OS X and a remote Linux server.
1. Before we do anything let’s get a baseline and see what our public ip address is. Start by opening up a web browser, I chose to use Opera for this test. Go to http://whatismyip.org which will display the public ip address your computer is broadcasting on the internet.
Next how to get an SSH tunnel setup using the built-in Mac terminal CLI.
2. Now that we have a baseline it is time to establish the SSH tunnel with your server. You will need the hostname or ip address, username and password for your remote Linux server. Once you have that use the following command from the terminal, ssh -N – D “username”@”ip-address or hostname”. This example is using port 22 to SSH into the server but you could use the “-p” option to specify any port for SSH.
ssh -N -D 8080 root@ip-address
After you enter in your password the prompt will just sit there and not do anything, don’t worry that is what its supposed to do. Also this “open failed: connect failed: Connection timed out” error may show up which is normal and expected, just continue to the next step.
3. The next step is to configure a web browser to use the remote Linux server as a SOCKS proxy so to do this open your web browser and enter the preferences menu. Again I am using Opera for this example but you could use any browser, Chrome, Firefox, etc.
4. In the preferences menu go to the network options, then look for a “Proxy Servers” setting button.
5. In the proxy servers menu you will need to configure the SOCKS server using ip address 127.0.0.1 and the port you used above in step 2, so in my case it is 8080. Click OK to save the settings change and close out of the preferences menu.
6. Now back in the browser go to http://whatismyip.org again and this time it will display the broadcast public ip address of the remote network where the Linux server is and this confirms the tunnel is working.
Now the tunnel is up the remote network web interfaces are available to your browser by their private ip addresses. So for example you could log into your remote firewall’s web interface from its private interface, such as 192.168.1.1. If you want to disconnect the tunnel just go to the terminal window with the ssh -N -D command running and use “control + C” to stop the command which will terminate the tunnel.