Intro
Achieve front-end and back-end debugging when outside the local network. Besides a)building vpn in aws [aws vpn],b)reverse ssh tunnel, there introduce another method which is more simple to expose local service, to make private cloud have access to local service.
0.Using Ngrok (intranet penetration tool)
Ngrok is a lightweight intranet penetration tool that can quickly expose local services to the public network. It is very suitable for scenarios where the host does not have a public IP.
1. Configure Ngrok in your mechine
1). Check the system architecture
Run the following command in the terminal to confirm system architecture:
uname -m
- x86_64: 64-bit architecture.
- arm or aarch64: ARM architecture
2).Download the correct Ngrok binary
x86_64:
wget https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-linux-amd64.tgz
ARM64:
wget https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-linux-arm64.tgz
3). Unzip the file
Unzip the file you just downloaded:
There I use the ubuntu(aarch64)
tar -xvzf ngrok-v3-stable-linux-arm64.tgz
Once the unzip is complete, you should see a file called ngrok.
4). Install Ngrok
Move the unzipped file to your system's global path, such as /usr/local/bin:
sudo mv ngrok /usr/local/bin
5). Verify the installation
Check that the installation was successful:
ngrok version
If successful, it will display output similar to the following:
ngrok version 3.x.x
2. Get an authtoken
Register an Ngrok account and get an authtoken : https://dashboard.ngrok.com/
- go to the setting, and configure payment method, and then choose free tier.
After finish setting, go to token.
Authenticate the ngrok agent. only have to do this once. The Authtoken is saved in the default configuration file.
ngrok config add-authtoken <your-token>
3. Run Ngrok again
Now we can use Ngrok normally. For example, to start an SSH tunnel (port 22):
ngrok tcp 22
If successful, Ngrok will output an address similar to the following:
Forwarding tcp://0.tcp.ngrok.io:12345 -> localhost:22
- Edit ssh_config
sudo vim /etc/ssh/sshd_config
PermitRootLogin yes
PasswordAuthentication yes
KbdInteractiveAuthentication yes
UsePAM yes
#PubkeyAuthentication yes
now we can access our SSH service from the outside using the following command:
ssh user@0.tcp.ngrok.io -p 12345
- user: Replace with your host's SSH username (e.g. ubuntu).
- tcp.eu.ngrok.io and 12345: from the address and port provided by Ngrok.
4.Configuring Ngrok to Auto-Start on Ubuntu Virtual Machine
This guide explains how to configure Ngrok to start automatically on boot with persistent settings on an Ubuntu virtual machine.
# Step 1: Create an Ngrok Configuration File
mkdir -p $HOME/.ngrok2
nano $HOME/.ngrok2/ngrok.yml
# Add the following content to ngrok.yml:
version: "2"
authtoken: your-authtoken
tunnels:
ssh:
proto: tcp
addr: 22
# Or use:
mkdir -p $HOME/.ngrok2 && cat <<EOF > $HOME/.ngrok2/ngrok.yml
version: "2"
authtoken: your-authtoken
tunnels:
ssh:
proto: tcp
addr: 22
EOF
# Save the file and test the configuration
ngrok start --config=$HOME/.ngrok2/ngrok.yml --all
# Step 2: Create a Systemd Service File
sudo nano /etc/systemd/system/ngrok.service
# Add the following content to the service file:
[Unit]
Description=Ngrok Service
After=network.target
[Service]
ExecStart=/usr/local/bin/ngrok start --config=/home/<username>/.ngrok2/ngrok.yml --all
Restart=on-failure
User=<username>
WorkingDirectory=/home/<username>
Environment="PATH=/usr/local/bin:/usr/bin:/bin"
[Install]
WantedBy=multi-user.target
# Save and exit the file
# Step 3: Enable and Start the Service
sudo systemctl daemon-reload
sudo systemctl stop ngrok
sudo systemctl start ngrok
sudo systemctl status ngrok
# Enable the service to start on boot
sudo systemctl enable ngrok
# Step 4: Verify Ngrok Auto-Start on Boot
sudo reboot
# After rebooting, check the Ngrok service status
sudo systemctl status ngrok
# Confirm Ngrok is running and its tunnels are active
# Ngrok’s web interface is available by default at http://127.0.0.1:4040
go to dashboard:https://dashboard.ngrok.com/agents
Top comments (0)