ssh port forwarding (tunneling in HPC)

ssh ssh-tunnel hpc

I have an application server that runs on a compute node. The server opens a port (9000) and I then run a command for tunneling between my local machine and the server:

ssh -N -f -L 9000:compute-node:9000 user@myhpc

Once this is done I can essentially use my server's web interface on a browser with localhost:9000

I use ecdsa -b 521 encryption with password-less authentication, the public key has been copied to the HPC. I was told that this command exposes the HPC to the internet and it's not safe. I'm a bit skeptical about this answer and I would like to have opinions on the safety of tunneling in this manner.


Solution 1:

The statement is incorrect. That's just a local port redirect through your SSH connection that is authenticated with your SSH keypair.

There is nothing insecure in doing that, it has the same degree of security of just connecting over SSH to the server. The service is not exposed to the internet after the creation of the tunnel, it's only available to the machine issuing the ssh command.

Related

Infiniband drivers : OFED or distro included?
How to setup a Linux LAN local mail? [closed]
ntpd -g does not sync the clock
Configuring a cloud VM to be accessed by multiple users
Calculating the percentage of the total available memory on linux as an integer in bash
503 error on apache virtual hosts
Apache 2.4 - How to restrict traffic (by IP address) to all requests except the base path?
How can I use one EXE on Multiple machines?
Re-using SSH keys
Round robin DNS and fault tolerance (web service, windows 2008)?
How to make communication between Production network and Isolated Network using Linux machine as a router?
Removing Cert Server from AD