SSH reverse tunnel into Docker container

docker iptables

I need to xdebug something that fails on the server in a docker container and from my laptop I have ran ssh -R 9000:localhost:9000 server and verified the tunnel by telnet localhost 9000. So far so good, I got a connection.

Now, on the server I did 

iptables -t nat -I PREROUTING -p tcp -d 172.17.42.1 --dport 9000 -j DNAT --to 127.0.0.1:9000

Finally I have committed the problematic docker instance and ran 

docker run  --net=host -t  -i snapshot /bin/bash

Inside the container telnet 172.17.42.1 9000 refuses connection.


I ran into this same issue, except I had two containers wired together with --link, so --net=host wont work for that situtaiton.

When doing an ssh port forward to the remote host using ssh -R 9000:localhost:9000 server, an lsof -P -i -n may show that the port is bound to the servers loopback device, which looks like this:

sshd 39172 ubuntu 9u IPv4 2941407 0t0 TCP ::1:9000 (LISTEN)

That loopback interface is not available to the network inside of the docker container. I remedied this by adding GatewayPorts yes to the sshd_config file on the server and restarting sshd.

The forwarded port 9000 is then bound to the normal interface and available from inside the docker container. (and from any other host for that matter).

Related

how to start ssh server on iOS?
What is the difference between php and php7.2 packages?
How to get pianobar working with tor and polipo
Help fixing virtual consoles (tty1-6) under VirtualBox
Accounting Software for Ubuntu other than GnuCash?
How to restore accidentally deleted /etc/bash.bashrc, without reinstalling Ubuntu? [duplicate]
nvidia drivers fail completely after update to 3.5.019
I want to uninstall Python3 and just use 2.7
Screen intensity before and after inactivity
Connected to WPA-secured network, but no internet [closed]
Display and cursor are out of sync on Ubuntu 18.04 tablet
SSL Connection to Apache web server