access webpage through ssh

Solution 1:

First Method:

Launch an SSH tunnel

To initiate your SSH tunnel, simply open terminal and connect to your remote server via SSH with the following flags:

ssh -D 8080 -C -N [email protected]

Browse the Web with Your SSH Tunnel (Chrome)

Now, let’s start browsing the web using our new SSH tunnel.

  • Open Google Chrome
  • Select the wrench icon on the top right
  • Select ‘Settings’
  • Select ‘Show advanced settings…’
  • Select ‘Change proxy settings…’
  • Select ‘SOCKS Proxy’
  • Enter ’127.0.0.1′
  • Enter port ’8080′
  • Save changes by selecting ‘OK’

Search Google for ‘my ip’ and take a look at what your IP address is now.

This will launch our SSH tunnel on port 8080 and route all traffic (securely) through the server at example.com.

Exiting the SSH Tunnel

To exit the SSH tunnel, simply disable the SOCKS proxy within your browser.

source

Second Method:

You can do it easily using Shellinabox

Ensure that you have checked Universe Repository

To install

 $ sudo apt-get install openssl shellinabox

Configuring Shellinabox

By default, shellinaboxd listens on TCP port 4200 on localhost.During installation a new self-signed SSL certificate automatically created under “/var/lib/shellinabox” to use HTTPS protocol.

$ sudo vi /etc/default/shellinabox

# specify the IP address of a destination SSH server
SHELLINABOX_ARGS="--o-beep -s /:SSH:172.16.25.125"

# if you want to restrict access to shellinaboxd from localhost only
SHELLINABOX_ARGS="--o-beep -s /:SSH:172.16.25.125 --localhost-only"

NB: replace the ip 172.16.25.125 with yours

Starting Shellinabox

Once you’ve done with the configuration, you can start the service

$ sudo service shellinaboxd start

Verify Shellinabox

Now let’s verify whether Shellinabox is running on port 4200 using “netstat” command.

$ sudo netstat -nap | grep shellinabox
or
# netstat -nap | grep shellinabox

tcp        0      0 0.0.0.0:4200            0.0.0.0:*               LISTEN      12274/shellinaboxd

Now open up your web browser, and navigate to 'https://"Your-IP-Adress:6175"'. You should be able to see a web-based SSH terminal. Login using your username and password and you should be presented with your shell prompt.

enter image description here

source

Solution 2:

The example you provided is correct, but somewhat misleading. This should work:

ssh -L 8080:<remote-web-host-you-want-to-see>:80 remote-user@remote-ssh-server

For example, consider a remote box running ssh that can access this web-page, which I want to see locally:

http://192.168.1.2/index.html

To create a tunnel on my local box that allows me to browse to that remote page, I run locally:

ssh -L 8080:192.168.1.2:80 user@remote-ssh-server

And, then in a web-browser, I visit:

http://localhost:8080/index.html

If you need (or want) to omit the port specifier, you will need to open the tunnel as root, since 80 is a "privileged" port (<1024):

sudo ssh -L 80:<remote-web-host-you-want-to-see>:80 remote-user@remote-ssh-server

Then, you can just visit locally:

http://localhost/index.html

No other configuration is required.

Incidentally, this only works for a single host that you want to see locally. If you need to see more, you either need to open more tunnels on other ports or examine the other solutions that tunnel requests for all remote hosts through a proxy.

This is the 3rd usage of the -L switch from man ssh:

 -L [bind_address:]port:host:hostport
 -L [bind_address:]port:remote_socket
 -L local_socket:host:hostport
 -L local_socket:remote_socket
         Specifies that connections to the given TCP port or Unix socket on the
         local (client) host are to be forwarded to the given host and port, or
         Unix socket, on the remote side.  This works by allocating a socket to
         listen to either a TCP port on the local side, optionally bound to the
         specified bind_address, or to a Unix socket.  Whenever a connection is
         made to the local port or socket, the connection is forwarded over the
         secure channel, and a connection is made to either host port hostport,
         or the Unix socket remote_socket, from the remote machine.

         Port forwardings can also be specified in the configuration file.  Only
         the superuser can forward privileged ports.  IPv6 addresses can be
         specified by enclosing the address in square brackets.

         By default, the local port is bound in accordance with the GatewayPorts
         setting.  However, an explicit bind_address may be used to bind the
         connection to a specific address.  The bind_address of “localhost”
         indicates that the listening port be bound for local use only, while an
         empty address or ‘*’ indicates that the port should be available from
         all interfaces.