Shulou(Shulou.com)06/01 Report--

This article shows you an example analysis of SSH Tunnel turning a personal PC into a "behind-the-scenes boss". The content is concise and easy to understand, which will definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.

Road sign

SSH Tunnel

Port forwarding

There is a post on the Internet that SSH Tunnel and port forwarding are different. Here I did not delve into the specific difference between the two nouns. As a result, I was led to this knowledge point by the term SSH Tunnel, but the effect is very similar to "port forwarding". Let's write them all.

Applicable scenario

Hope to start the service locally on your own computer, so that the requests sent by Internet to the server are directed to your own computer, thus making debugging more convenient.

The debug model is only used in special situations, such as the mandatory need for fixed IP, etc., and is not universal.

Most tutorials on the Internet map the port to a device in the local area network, which should be delivered to practitioners. As a developer, the simplified scenario of this blog is to map the port of the server to your own computer.

Environment

Linux, windows, Mac are all available

Background

Recently, I took over a project related to the official account of Wechat for work reasons. When the project is deployed, it is found that the function does not work completely, so you need a breakpoint to check what the problem is. As the development involves the Wechat public platform, which requires that ip be added to the whitelist, it requires a "fixed IP", and because some modules of the project need to use https, it is more convenient to build https than locally. The above two reasons make me choose to use port mapping.

Implement ssh-p22-I NAME.pem-N-R 0.0.0.0 USER@IP 8080 USER@IP

Well, it's as simple as that. A command will do.

NAME.pem: pem file, remember to index the execution path under the pem file, or write it as the absolute path of pem. If you log in with the account password, remove the-I NAME.pem. After entering the command, you will be asked to enter the password. The effect is the same.

USER: login server user name, such as: root

IP: the public network IP address of the server

Remarks

Blogs usually talk about-L-D, but since I won't use these two modes in my scenario, I won't introduce them here.

To get token from Wechat server, it is not necessary to use a server with a fixed IP. In fact, adding the temporary IP of personal computer to the whitelist of Wechat IP can also get token, but the disadvantage is that the dynamic IP will change, so it is troublesome to replace it when the IP changes.

I have another problem when using port mapping. Port mapping can map services received on a certain port of the server to the local computer, but how to control all requests made by the local computer to go to the server? We all know that when a network request is initiated locally, the port on which the request is initiated is not completely controllable. So even if I use port mapping, it is nothing more than a situation in which an agent tells me what he has heard, but I still have to talk directly to outsiders, as shown in the following figure. What if I want to be a "behind-the-scenes boss" and complete the transformation entirely through an agent?

The only thing we need to do is to make all requests made by personal computers go through a cloud server with a fixed ip, recommended tools such as "TinyProxy".

When the port mapping and TinyProxy are set up, ECS will become the spokesman of our PC in Internet. He has become a "boss behind the scenes".

The above is an example analysis of SSH Tunnel turning a personal PC into a "behind-the-scenes boss". Have you learned any knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.