Accessing LDAP through SSH tunnel


Yes, ssh has a "-L" option to create a tunnel. That option takes 3 parameters, separated by colons (:). Local listen port, remote host, remote port.

ssh -L 9999:ldapserver:389 user@otherhost

Where 9999 is the local port that the tunnel will be created on. The ldapserver:389 bit tells it where to connect to on the other side.

Then, tell your application to connect to localhost:9999 (or whatever port you choose) and it will be tunneled across.

Author by

Guillermo

Updated on July 23, 2022
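
The pieces from the answer and the comments (-L, -N, AllowTcpForwarding) combined in one POSIX shell script, as an added example that is not part of the original thread. The function names, the ExitOnForwardFailure option, the explicit 127.0.0.1 bind and the sample sshd_config text are additions made here; host names and ports are the answer's placeholders.

```shell
#!/bin/sh
# Added example (not from the original thread). Function names are
# hypothetical; ldapserver, otherhost and 9999 are the thread's placeholders.

# Print the global AllowTcpForwarding value from sshd_config text on stdin.
# sshd uses the first value it reads for a keyword, and keyword names are
# case-insensitive. Match blocks are not evaluated (assumption: the tunnel
# user is not covered by one). Prints "unset" if the keyword is absent.
effective_forwarding() {
    awk '
        tolower($1) == "match" { exit }
        tolower($1) == "allowtcpforwarding" { v = $2; exit }
        END { print (v == "" ? "unset" : v) }
    '
}

# Succeed if that value lets a client use "ssh -L" (local forwarding).
local_forward_allowed() {
    case "$(effective_forwarding)" in
        yes|all|local|unset) return 0 ;;  # unset: upstream OpenSSH default is yes
        *) return 1 ;;
    esac
}

# Print the tunnel command for: local port, LDAP host, LDAP port, jump login.
# -N: no remote command; 127.0.0.1: listener bound to loopback only;
# ExitOnForwardFailure: ssh exits if it cannot set up the forward.
tunnel_cmd() {
    lport=$1 host=$2 rport=$3 jump=$4
    for p in "$lport" "$rport"; do
        case "$p" in ''|*[!0-9]*|??????*) echo "bad port: $p" >&2; return 2 ;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "bad port: $p" >&2; return 2; }
    done
    printf 'ssh -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:%s:%s %s\n' \
        "$lport" "$host" "$rport" "$jump"
}

# Constructed sshd_config excerpt (not taken from any real server).
SAMPLE='# AllowTcpForwarding yes
PermitRootLogin no
AllowTcpForwarding no
AllowTcpForwarding yes'

if printf '%s\n' "$SAMPLE" | local_forward_allowed; then
    tunnel_cmd 9999 ldapserver 389 user@otherhost
else
    echo "forward refused by sshd: AllowTcpForwarding=$(printf '%s\n' "$SAMPLE" | effective_forwarding)" >&2
fi
```

On the SSH server, sshd -T prints the effective settings, which is more reliable than reading the file when Match blocks are in use. The tunnel encrypts only the leg between your machine and otherhost; traffic from otherhost to ldapserver:389 is still plain LDAP.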

Comments

  • Guillermo
    Guillermo over 1 year

    I got access via SSH (root access) to a machine that's inside a network at my client's office.

    I'm programming on my computer a PHP application that needs to integrate with LDAP. The LDAP server is on another server in my client's network and not accessible from outside; however, I can perfectly access it via the server I can connect to via SSH.

    My question is: Is there any way I can make a tunnel and set up a port on my computer to get the traffic forwarded to the LDAP server using my SSH connection to one of the computers on the network?

    Thanks!!!!

  • Erich Kitzmueller
    Erich Kitzmueller over 14 years
    you might also use the -N option, so ssh doesn't become interactive
  • Guillermo
    Guillermo over 14 years
    Thanks! I got connection refused with both options, although this may be another problem.
  • Gunstick
    Gunstick about 14 years
    You need to have TCP forwarding enabled on the remote ssh server. By default this is often disabled. In sshd_config put: AllowTcpForwarding yes