14

I understand that I can forward multiple port in ssh config file by:

Host name
    HostName yam.myHost.edu
    User myUserName
    LocalForward 5901 127.0.0.1:5901
    LocalForward 5902 127.0.0.1:5902
    [...]
    LocalForward 5910 127.0.0.1:5910

Is there any easier way to forward a range of ports without the need to add extra line for a port? Something like LocalForward 5901-5910 127.0.0.1:5901-5910 ?

Paulo Tomé
  • 3,754
  • 6
  • 26
  • 38
M.Reza
  • 241
  • 1
  • 2
  • 5
  • No, not as far as I can tell. But I may well be wrong. – Ralph Rönnquist Oct 01 '17 at 07:22
  • Uh I see. Or can I write a function/loop to do that in the config file? – M.Reza Oct 01 '17 at 07:23
  • Not really; the configuration language in itself is quite static. (I haven't explored a possibility of making `config` a socket and feeding its contents dynamically, or making `.ssh` a virtual file system, or any such extremes. It certainly takes more than "a function") – Ralph Rönnquist Oct 01 '17 at 13:00
  • A different take on this could be to set up a tap-to-tap "cabling" over the ssh link, to make a virtual network between the machines. You'd look up VDE (Virtual Distributed Network) to follow up that approach. – Ralph Rönnquist Oct 01 '17 at 13:12
  • If the local application can use it, ssh can set up a SOCKS compatible forwarding system in which case you would not need to setup lines of forwarding per port. See the `DynamicForward` option in `sshd_config`. – Patrick Mevzek Nov 28 '17 at 11:15
  • If you are willing to do some minor coding, Python has the wonderful [Paramiko](http://docs.paramiko.org/) package to do exactly that. – Tom Pohl May 02 '19 at 20:11
  • Yeah, one could use something like ppp to be tunneld over ssh, but that sounds like a bad idea (tunnels over tcp do indeed cause problems) - http://sites.inka.de/bigred/devel/tcp-tcp.html – Bonsi Oct 12 '20 at 10:29

2 Answers2

7

I'm doing this usually without config, interactively in the command line like this

ssh yam.myHost.edu $(for i in `seq 5901 5920` ;do echo -L $i:localhost:$i ;done)

You could also generate the config file lines and copy/paste it to your config file:

for i in `seq 5901 5920` ;do echo "LocalForward $i localhost:$i" ;done
LocalForward 5901 localhost:5901
LocalForward 5902 localhost:5902
LocalForward 5903 localhost:5903
[...]
rudimeier
  • 9,967
  • 2
  • 33
  • 45
4

Short answer is no.

SSH does not support "range" for port forwarding. It can be somehow achieved by having a more complex setup that forwards only 1 port and a proxy on both ends will act as a router the selects the right local port, but I guess this is far from what you need.

The most convenient way is to provide multiple LocalForward lines in your config (which can be created dynamically with a small script). Also note that the SSH command accepts multiple -L arguments for multiple ports, so the following works:

ssh user@host -L 8000:localhost:8000 -L 8001:localhost:8001

What you can do is setup an alias that performs 1 ssh connection for all of the ports you need.

yogi
  • 151
  • 3