[root@rhce-ryanrudolf]# rm -rf / 2> /dev/null

things I break/fix for fun and learning

Apr 9, 2018 - 2 minute read - Comments

Using SSH Tunnel to Access vCenter Server

I need to access my Vcenter Server remotely as from time to time I practice on my homelab even if I am not at home. The easiest method I did before was punching holes in my firewall by port forwarding. I know this is not the most secure and practical way, but the concepts are easy enough for me to understand.

Here is how I did it before -

  • login to router and edit firewall config

vi /etc/config/firewall

config redirect

option target ‘DNAT’

option src ‘wan’

option dest ‘lan’

option proto ‘tcp’

option src_dport ‘443’

option dest_port ‘443’

option name ‘https’

option dest_ip ‘192.xxx.xxx.xxx’

  • restart firewall service

/etc/init.d/firewall restart

That’s quick and diry way to do it. I’ve been doing it for several days but now that I had my own domain name, it conflicts with port 443 of my webserver. I had to find another way of accessing my Vcenter Server remotely without any conflicts to existing services and at the same time securely.

After further research, it looks like I can achieve this task by using ssh tunnels. On my Windows PC, I use putty to connect to my SSH server. And from the putty client, I can configure the tunnels and what ports to listen to.

Putty client -

Once the putty client is configured, I just login with my ssh credentials. Next is to open up a web browser, and point it to https://localhost and voila! Vcenter server being accessed remotely and securely via ssh tunnels!

Like this page? Share it!

Homelab Upgraded Securing SSH Server

comments powered by Disqus