Skip to Content

Port forwarding from jump server to target Linux machine

How to do Port forward from jump server to target Linux machine added in the bastion host

Synopsis: This article will help you access the service running on a remote server, with the port forwarded to the gateway server, and can be accessed using the IP or host of the gateway with the forwarded port number.

1. Login to gateway server and enable TCP forwarding.

Enabling TCP forwarding in gateway will allow the user to jump into remote server without accessing the gateway server. Make sure to disable the view password option for users.

root@gateway ~]# grep -i tcp /etc/ssh/sshd_config

AllowTcpForwarding yes

2. Login to ezsh and navigate to the specific server and press '[' to open tunnel.

Input listening port on the gateway: The gateway server needs to listen on a specific port number. Ensure that this port is not already assigned to any services on the gateway server.

Input forwarding port on the server: The port number to be forwarded to the gateway server must be specified. Ensure that the port number corresponds to the required service.


Common errors while establishing tunnel connection and their Fixes:

1.Error establishing tunnel: Host fingerprint mismatch

Fix: Reset fingerprint of server to fix the error

2.Error establishing tunnel: Authentication failed (2)

Fix: Check the ezsh.log of gateway user and confirm password or key based authentication is working correctly.

root@gateway ~]# tail /home/{username}/ezsh.log

Authentication by SSH key failed (debian.server, root): Username/PublicKey combination invalid
Authentication by password not supported!

3. Error establishing tunnel: Could not open the direct-tcpip channel

Fix: Enable TCP forwarding on the gateway server, then re-login to the shell and attempt to reconnect the tunnel connection.

root@gateway ~]# grep -i tcp /etc/ssh/sshd_config

AllowTcpForwarding yes

Check out the example video to forward RDP.


The video shows how an tunnel to an RDP port 3389 is setup and toward the end the video you would find the ssh tunnel being setup for RDP on windows server on which bitvise sshd server was installed.

Basically, the above video shows how the users is able to connect to a Remote windows server RDP on port 3389, by using your.gateway_ip:3389 using the RDP client on the users desktop.


Related Articles

Add servers that are accessible via port forwarding via the ssh gateway server

Add windows server for RDP via browser

How to install and configure Eztunnel?