Intranet penetration based on FRP -- SSH Remote connection to intranet server with the help of public server

Equipment preparation

A usable public network server 、 One can access web The Intranet $X$ The computer , One can access web Is not part of the Intranet $X$ The computer .

Document preparation

Download the corresponding file Portal

linux Issue the command to decompress ：

tar -zxvf  frp_0.44.0_linux_amd64.tar.gz

The client is meant to be ssh Computers accessed .
The server refers to the public network IP The computer .

Run file configuration

# frps.ini
[common]
bind_port = 7000 #  The port opened by the public server 

# frpc.ini
[common]
server_addr = #  Public server IP Address 
server_port = 7000 #  The port opened by the public server 

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 6000 #  This port is used for proxy 

File run

Server operation

./frps -c ./frps.ini

Client running

./frpc -c ./frpc.ini

Non intranet computer ssh Connect

ssh -oPort=6000 [email protected] #x.x.x.x It's from the public network server IP

Open port

See if the connection is successful , If it doesn't work , Check whether the firewall port of the public server is open .
6000 and 7000 All ports should be opened .

netstat  -ntulp #  Query open ports  
netstat  -ntulp | grep  Port number  #  You can check a specific port number  
firewall-cmd --query-port=6000/tcp  #  Query whether the specified port is open , Tips  yes, Open for indication ;no Indicates not on .

firewall-cmd --add-port=6000/tcp --permanent #  Add the specified port to be opened  
firewall-cmd --add-port=7000/tcp --permanent #  Add the specified port to be opened  
firewall-cmd --reload #  Overload into the added port  
firewall-cmd --query-port=6000/tcp #  Query whether the specified port is opened successfully  
firewall-cmd --permanent --remove-port=6000/tcp #  Remove the specified port  
firewall-cmd --permanent --remove-port=7000/tcp #  Remove the specified port  

remarks ： The running public network server is ubuntu20.04, The instruction set is amd64 Of , If you need other architectures , You can visit Warehouse Download the software version of the corresponding architecture , Version mismatch will appear core dump And so on .