[Authored by Sam]
[01/04/15 – Editor’s note: This post was written in 2008. In 2015 we don’t use this “reverse ssh tunnel” method much anymore, but the technique is still interesting.]
In my last post I described how to use reverse ssh tunnels and screen -x to setup a remote pair programming environment.
Several people have commented that this works well for sharing a console based editor (vim, emacs) but that there is no way for the remote pair to look at how things are rendering in the browser. Well here’s a super simple way to use ssh tunnels to share your development server too. I’ve seen variations on how to do this (Advanced Rails Recipes: Pragmatic Programmers has one). The advantage to the below method is it requires no server configuration and is very secure from snooping.
Forwarding your webserver using two ssh tunnels
The “local” pair (the one who’s running the server) starts the server on port 3000 and then forwards localhost 3000 to a port on the public server (8080 in example). Ssh tunnels, by default only bind to localhost, so hitting the public server on port 8080 won’t work.
Local pair runs:
$ script/server $ ssh -nvNT -R 8080:127.0.0.1:3000 sam@publicserver.com
Then the remote pair sets up her own ssh tunnel, forwarding port 8080 on the public server to a port on localhost (also 8080 in this example). Note we’re using an -L flag here to forward a remote port to a local port. -R does the reverse.
Remote pair runs:
$ ssh -nvNT -L 8080:127.0.0.1:8080 alice@publicserver.com
Now when my pair hits http://localhost:8080 in her browser she’ll get a response from my local development server. Its also possible to set up the ssh tunnel so anyone can hit publicserver.com:8080 and see my local server, but this requires some setup on the public server.