Stop ssh tunnel (stop listening on port without killing process)

ssh tunnel openssh ssh-tunnel

5,149

Excerpt from ssh(1) manpage:

 ~C      Open command line.  Currently this allows the addition of port
         forwardings using the -L, -R and -D options (see above).  It also
         allows the cancellation of existing port-forwardings with
         -KL[bind_address:]port for local, -KR[bind_address:]port for
         remote and -KD[bind_address:]port for dynamic port-forwardings.

So, ~C followed by -KL80 cancels the port forwarding in your example.

5,149

Yang

Updated on September 18, 2022

Comments

Yang over 1 year

In an ssh session, one can start tunneling with the keystrokes ~C and entering (e.g.) -L80:localhost:80. However, is there any way to stop tunneling on that port (short of killing the process)?
- barlop over 11 years
  
  I doubt it but killing the process is as minor as a ctrl-c.unless i guess you ran it in the background, and you could then run ssh again but without the -L80:localhost:80 I suppose if you added -N then it stops the ssh shell from popping up then its raison d'etre would be for the -L and so there really wouldn't be any point in an option to stop listening,because it would have no other function.I think its raison d'etre is whatever it was set up to be with -L or without.maybe for it to be able to do different to that after would be bring up an unnecessary security consideration and complexity.
- Yang over 11 years
  
  The point isn't that I don't know how to kill the process. It's that I need to keep it running, since I'm actively using that connection.
- barlop over 11 years
  
  I only see two uses. a)shell b)tunneling. So you could create two connections. One for the shell(which I guess is the one you're "actively using". And one for the tunneling -L (with -N to specify no shell). Then you could kill the tunneling connection, and keep the shell connection.
- barlop over 11 years
  
  I understand what you mean, I don't know of a way(only those workarounds which you already know/do). If you have no luck here, I suggest trying the ssh mailing list, or the newsgroup comp.security.ssh both those sources of support/expertise happen to be the ones mentioned/recommended in the ssh faq, so kind of official too.. i've seen comp.security.ssh is quite effective, I haven't seen the mailing list but it's probably good too.
barlop over 11 years

brilliant, that works(in my test at least). ssh escape sequences, who knew! Initially when I was trying it, I thought the tilda key or my finger, wasn't working. As when one types for example, ~? the tilda as an escape character, is treated such that it doesn't display on the first tap(but it is indeed there and should only be tapped once). I was getting confused too, tapping ~ till ~ appeared once, then tapping ?. Hitting ENTER and it failed. Copy/paste ~?, and it worked. and of course the ~C followed by the -KL.. worked too.