List ports forwarded by myself from ssh?
Solution 1
You can list via lsof
sudo lsof -i -n
You may use grep to filter results
sudo lsof -i -n | grep ssh
Solution 2
If it is enough to list only the forwarded connections that are actually used, and if your session is interactive (like in your case), you can use the ~#
escape within the ssh session. Just type enter~#.
$ ssh -L1234:localhost:22 localhost
seb@localhost's password:
Welcome to Ubuntu 18.04 LTS (GNU/Linux 4.15.0-23-generic x86_64)
$ ~#
The following connections are open:
#2 client-session (t4 r0 i0/0 o0/0 fd 7/8 cc -1)
#3 direct-tcpip: listening port 1234 for localhost port 22, connect from 127.0.0.1 port 37238 to 127.0.0.1 port 1234 (t4 r1 i0/0 o0/0 fd 10/10 cc -1)
This will also list forwardings that were added later within the session using escape commands, and thus are not appearing on the command line.
Try ~?
for other useful commands inside the ssh session. See also the section on ESCAPE CHARACTERS in the ssh manual page.
Solution 3
There's a couple more ways to list ssh's connections/tunnels. Firstly one can use netstat
(p
show process name (sudo needed), ip
- show IP connections):
sudo netstat -ap --ip | grep ssh
Secondly one can also use the socket stats command ss
(p
- show process name (sudo needed), e
- extended socket info for userid, t
- TCP connections):
sudo ss -pet | grep ssh
Note: Local (-L
) ssh tunnels are not created on the server until the something on the client side has initiated a connection to the local port - only then will the tunnel be set up on the server side and be visible by these methods or any of the other answers.
Austin
Updated on September 18, 2022Comments
-
Austin over 1 year
If I connect to a server like so:
JP_PORT=$(shuf -i 8895-9100 -n 1) TB_PORT=$(shuf -i 6010-6200 -n 1) ssh -Y -L ${JP_PORT}:127.0.0.1:${JP_PORT} -L ${TB_PORT}:127.0.0.1:${TB_PORT} <host>
Once connection is established, is there any terminal command that will return the list of ports I forwarded?
-
Austin almost 6 yearsAny way to list the ssh ports I forwarded without having sudo on the remote server?
-
Panther almost 6 yearsYou can try without sudo. You can try
ps aux | grep ssh
-
Sebastian Stark almost 6 yearsA few more charcaters, but no grep needed:
lsof -a -c '/^ssh$/' -i -sTCP:LISTEN,ESTABLISHED
-
muru almost 6 yearsHeads up: using fragment IDs with the Ubuntu manpages site is useless, since the IDs are generated using JS after the page loads.
-
Sebastian Stark almost 6 years@muru and I was wondering what I'm doing wrong... Thanks for letting me know.
-
Austin almost 6 yearsThanks this is interesting to know about. Unfortunately for me it only lists
#0 client-session (t4 r0 i0/0 o0/0 fd 4/5 cc -1)
without any port information. -
Sebastian Stark almost 6 years@Austin as I wrote, it will only list the forwarding if it is in use. You can test it with
telnet localhost port
. -
Austin almost 6 yearsTelnet appears to not be installed on my server and I don't have sudo :/ ah well.
-
Oleg Bolden almost 6 yearsForwardings that were added later within the session using escape commands won't appear in the output of ~#. I've tested this for OpenSSH_6.
-
Sebastian Stark almost 6 years@OlegBolden just tested this on 18.04: If I add a forwarding later and use it, it will be listed.