参考链接

常见参数

  • -C: Requests compression of all data.
  • -f: Requests ssh to go to background just before command execution. This is useful if ssh is going to ask for passwords or passphrases, but the user wants it in the background.
  • -N: Do not execute a remote command. This is useful for just forwarding ports.
  • -n: Redirects stdin from /dev/null
  • -L: Specifies that connections to the given TCP port or Unix socket on the local (client) host are to be forwarded to the given host and port, or Unix socket, on the remote side.
  • -D [bind_address:]port: Specifies a local ‘dynamic’ application-level port forwarding.
  • -R: Specifies that connections to the given TCP port or Unix socket on the remote (server) host are to be forwarded to the local side.
1
2
3
4
5
...
-L [bind_address:]port:host:hostport
-L [bind_address:]port:remote_socket
-L local_socket:host:hostport
-L local_socket:remote_socket

场景

代理服务器

1
ssh -C -N -D ${localPort} fang@proxy.com

假设有代理服务器 fang@proxy.com,本地需要通过该服务器访问一些网站,通过本地端口 7799 进行转发,可输入新建终端输入命令

1
ssh -C -N -D 7799 fang@proxy.com

可考虑在 Surge 中添加这个 Proxy

1
2
3
[Proxy]
...
MySSHProxy = socks5, 127.0.0.1, 7799

通过跳板机访问数据库

1
2
# 端口转发
ssh -N -L ${localPort}:${targetHost}:${targetPort} fang@proxy.com

假设有跳板机 fang@proxy.com,需要访问数据库 my-rds.com:3306,通过本地端口 7788 进行转发,可输入新建终端输入命令

1
ssh -N -L 7788:my-rds.com:3306 fang@proxy.com

ssh 连接成功后,不要关闭此终端;新建另一终端,输入

1
mysql -h 127.0.0.1 -P 7788 [-u YOUR_ACCOUNT -p]

以上,等效于在跳板机 fang@proxy.com 中输入

1
mysql -h my-rds.com -P 3306 [-u YOUR_ACCOUNT -p]