How to know actives ssh port forwarding
If you use the -v
option to ssh
it will show you what you are forwarding (but it will show you a bunch of other debug messages, too):
ssh -v -L2222:localhost:22 remotehost
Will show you:
...debug messages...
debug1: Authentication succeeded (publickey).
Authenticated to remotehost ([10.0.0.23]:22).
debug1: Local connections to LOCALHOST:2222 forwarded to remote address localhost:22
debug1: Local forwarding listening on ::1 port 2222.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port 2222.
...debug messages...
And then when you are connected to that remote shell you can type a special key sequence:
~#
which will list the connections like this:
The following connections are open:
#3 client-session (t4 r0 i0/0 o0/0 fd 7/8 cc -1)
#4 direct-tcpip: listening port 2222 for localhost port 22, connect from 127.0.0.1 port 59742 (t4 r1 i0/0 o0/0 fd 10/10 cc -1)
Note, however, that this will only list forwarded ports that are actually being used by another program (in this case I just did telnet localhost 2222
on my local machine to have it forwarded to remotehost
.
If you do not have any connections that are currently being forwarded you can still see what your ssh command is listening for locally by using the netstat
command like this:
% netstat -tpln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:2222 0.0.0.0:* LISTEN 28995/ssh
tcp6 0 0 ::1:2222 :::* LISTEN 28995/ssh
The netstat
command will also probably list other things, but what you want to look for in the output is the PID/Program
column to look for ssh
processes, and the Local Address
column which will show you what ports are being listened to. In this example it is listening on port 2222
for both IPv4 and IPv6 interfaces on my machine.
Related videos on Youtube
slc66
Updated on September 18, 2022Comments
-
slc66 over 1 year
I have configured in
~/.ssh/config
many port forwarding for VNC with different port for each servers.Is there a command which can help me to know which port is forwarding to when I open an SSH session ?
-
slc66 about 12 yearsThanks for this answer, My goal was to add script in /etc/update-motd.d/ to display Ports redirected to. But with the ~# command I have only ports redirected on server. And the goal was to display (part of ssh -v output) : Local connections to LOCALHOST:5901 forwarded to remote address 127.0.0.1:5900 Local forwarding listening on ::1 port 5901. It seem impossible to display ONLY this 2 lines client side.
-
ScumCoder about 4 yearsFor people coming here in 2020+:
netstat
has been obsoleted in favor ofss
. -
Tripp Kinetics almost 4 years@ScumCoder Only for Linux.