Setup a SSH Tunnel using python

on

Sometimes we need to restrict access to a port, where a port should listen on localhost, but you want to access that port from a remote source. One secure way of doing that is to establish an SSH Tunnel to the remote side, and forward to port via the SSH Tunnel.

Today we will setup a Flask Web Service on our Remote Server (Side B) which will be listening on 127.0.0.1:5000 and setup the SSH Tunnel with the sshtunnel module in Python from our client-side (Side A). Then we will make a GET request on our client-side to the port that we are forwarding via the tunnel to our remote side.

Remote Side:

Our Demo Python Flask Application:









from flask import Flask

app = Flask(__name__)

@app.route('/')
def index():
    return 'OK'

if __name__ == '__main__':
    app.run(host='127.0.0.1', port=5000)

Run the server:

$ python app.py
Listening on 127.0.0.1:5000





Client Side:



From our client-side we first need to install sshtunnel via pip:



pip install sshtunnel requests --user





Our code for our client that will establish the tunnel and do the GET request:




















from sshtunnel import SSHTunnelForwarder
import requests

remote_user = 'ubuntu'
remote_host = '192.168.10.10'
remote_port = 22
local_host = '127.0.0.1'
local_port = 5000

server = SSHTunnelForwarder(
   (remote_host, remote_port),
   ssh_username=remote_user,
   ssh_private_key='/home/ubuntu/.ssh/mykey.pem',
   remote_bind_address=(local_host, local_port),
   local_bind_address=(local_host, local_port),
   )

server.start()

headers = { 'User-Agent': 'Mozilla/5.0 (Windows NT 6.0; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0'}
r = requests.get('http://127.0.0.1:5000', headers=headers).content
print(r)
server.stop()





Running our app:



$ python ssh_tunnel.py
OK





So we have successfully established our ssh tunnel to our remote side,
 and able to access the network restricted port via the tunnel.