
Forward a Remote Website Service to Local via SSH (Pop!_OS, Windows)

Author: Junner
Date: 7/16/2025

For example, suppose an HTTPS service runs on a remote Pop!_OS machine at 192.168.1.1:443, and the controller side has the IP 140.134.010.101 with hostname junner. You want to access the service from here, on the Windows machine.

Controller: Windows 11

Press Win+R to open a Run window and type powershell, then press Ctrl+Shift+Enter to open it as Administrator.

In the shell, start the SSH service:

Start-Service sshd

The commands below are optional; use them only if you need them. Otherwise, skip ahead to the remote-side part.

Allow inbound connections on port 22 with a rule named "OpenSSH-22":

New-NetFirewallRule -Name "OpenSSH-22" -DisplayName "OpenSSH Port 22" -Protocol TCP -LocalPort 22 -Action Allow -Direction Inbound

To get the status of the rule:

Get-NetFirewallRule -Name "OpenSSH-22"

Out:

Name                          : OpenSSH-22
DisplayName                   : OpenSSH Port 22
Description                   :
DisplayGroup                  :
Group                         :
Enabled                       : True
Profile                       : Any
Platform                      : {}
Direction                     : Inbound
Action                        : Allow
EdgeTraversalPolicy           : Block
LooseSourceMapping            : False
LocalOnlyMapping              : False
Owner                         :
PrimaryStatus                 : OK
Status                        : The rule was parsed successfully from the store. (65536)
EnforcementStatus             : NotApplicable
PolicyStoreSource             : PersistentStore
PolicyStoreSourceType         : Local
RemoteDynamicKeywordAddresses : {}
PolicyAppId                   :
PackageFamilyName             :

To remove the rule:

Remove-NetFirewallRule -Name "OpenSSH-22"

Or disable it temporarily:

Disable-NetFirewallRule -Name "OpenSSH-22"

To enable it:

Enable-NetFirewallRule -Name "OpenSSH-22"

You will probably want to block port 22 once everything is done (because you'll never use it again):

New-NetFirewallRule -Name "Block_SSH_22" -DisplayName "Block SSH Port 22" -Protocol TCP -LocalPort 22 -Direction Inbound -Action Block

Then check that this rule blocks only port 22:

Get-NetFirewallRule -Name Block_SSH_22 | Get-NetFirewallPortFilter

Out:

Protocol      : TCP
LocalPort     : 22
RemotePort    : Any
IcmpType      : Any
DynamicTarget : Any

Remote: Pop!_OS

If you're using a built-in firewall:

sudo ufw allow 443
sudo ufw reload

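Forward the service via SSH. Here -R opens port 8080 on the controller and relays connections made to it back through the tunnel to 192.168.1.1:443, and -N runs no remote command: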

ssh -N -R 8080:192.168.1.1:443 junner@140.134.010.101

Controller: Windows 11

Now we can access the website service on the controller via https://localhost:8080/.
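
The following check is an added example, not part of the original note. Run on the Windows controller while the tunnel is up, it confirms that the forwarded port is bound to loopback only and owned by sshd, and reports how wide the inbound SSH rule is. It assumes port 8080 and the rule name "OpenSSH-22" from the steps above.

```powershell
# Added example: post-setup check on the Windows controller.
# Assumes port 8080 and rule name "OpenSSH-22" from the steps above.
$ForwardPort = 8080
$RuleName    = 'OpenSSH-22'
$Loopback    = @('127.0.0.1', '::1')

# 1. The reverse-forwarded port should listen on loopback addresses only.
$listeners = @(Get-NetTCPConnection -LocalPort $ForwardPort -State Listen -ErrorAction SilentlyContinue)
if ($listeners.Count -eq 0) {
    Write-Warning "Nothing listens on port $ForwardPort; is the ssh -R session still running?"
}
foreach ($l in $listeners) {
    $proc  = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    $owner = if ($proc) { $proc.ProcessName } else { 'unknown' }
    if ($Loopback -contains $l.LocalAddress) {
        Write-Host "OK: $($l.LocalAddress):$ForwardPort is loopback-only (owner: $owner)"
    } else {
        Write-Warning "$($l.LocalAddress):$ForwardPort is reachable from other hosts (owner: $owner)"
    }
    # The listener should belong to an sshd process, not to some other program.
    if ($owner -notlike 'sshd*') {
        Write-Warning "Port $ForwardPort is owned by '$owner', not sshd"
    }
}

# 2. Report the scope of the inbound SSH rule, if it exists.
$rule = Get-NetFirewallRule -Name $RuleName -ErrorAction SilentlyContinue
if ($rule) {
    $addr = $rule | Get-NetFirewallAddressFilter
    Write-Host "Rule ${RuleName}: enabled=$($rule.Enabled) profile=$($rule.Profile) remote=$($addr.RemoteAddress)"
    if ($rule.Enabled -eq 'True' -and $addr.RemoteAddress -contains 'Any') {
        Write-Warning "Rule $RuleName accepts SSH from any remote address"
    }
} else {
    Write-Host "Rule $RuleName not found (removed or never created)"
}

# 3. Show whether sshd is running and whether it will start again at boot.
$svc = Get-Service -Name sshd
Write-Host "sshd: $($svc.Status), start type $($svc.StartType)"
```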