frp + ssh to Implement Reverse Proxy

Requirements and Configuration

  • A jump server A with a public IP address: $a.a.a.a$
  • An internal network machine B that needs to be reachable from outside its network (NAT traversal), with username: $bb$

Reference: Installation | frp (gofrp.org)

Download

You can download the latest versions of the client and server binaries from the GitHub Release page. All files are packaged in a compressed archive, which also includes complete documentation of the configuration parameters.

Deployment

Extract the downloaded archive.

Copy $frpc$ to the internal network machine B.

Copy $frps$ to the public IP machine A, and place them in any directory.

Configuration

  1. Deploy $frps$ on the public IP machine A

Deploy $frps$ and edit the $frps.toml$ file. Here is a simplified configuration that sets the port for the frp server to receive client connections:

bindPort = 7000

  2. Deploy $frpc$ on the internal network machine B

Deploy $frpc$ and edit the $frpc.toml$ file. Assuming the public IP address of the frps server is $a.a.a.a$, here is an example configuration:

serverAddr = "a.a.a.a"
serverPort = 7000

[[proxies]]
name = "ssh"
type = "tcp"
localIP = "127.0.0.1"
localPort = 22
remotePort = 6000

  • localIP and localPort are the address and port of the internal network service that needs to be accessed from the public network.
  • remotePort is the port that the frp server listens on. Traffic to this port is forwarded to the corresponding port of the local service.
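
A hardened variant of the two files above, as an added example that is not part of the original post: with only bindPort set, frps accepts any frpc client that can reach port 7000, so this version adds token authentication, limits which remote ports a client may claim, and requires TLS on the client-to-server link. The token value is a placeholder to replace with your own secret, and the block shows two separate files.

```toml
# ---- frps.toml on machine A (added example, not from the original post) ----
bindPort = 7000

# Require every frpc client to present the same shared secret.
auth.method = "token"
auth.token = "REPLACE_WITH_LONG_RANDOM_SECRET"   # placeholder value

# Only let clients open the single remote port this setup uses.
allowPorts = [
  { single = 6000 }
]

# Reject client connections that are not wrapped in TLS.
transport.tls.force = true

# ---- frpc.toml on machine B (added example, not from the original post) ----
serverAddr = "a.a.a.a"
serverPort = 7000

# Must match the values configured in frps.toml.
auth.method = "token"
auth.token = "REPLACE_WITH_LONG_RANDOM_SECRET"   # placeholder value

# Encrypt the frpc-to-frps connection.
transport.tls.enable = true

[[proxies]]
name = "ssh"
type = "tcp"
localIP = "127.0.0.1"
localPort = 22
remotePort = 6000
```

Because port 6000 on machine A is reachable from the whole internet, the sshd on machine B should accept key-based logins only.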

Startup

Direct Startup

  1. On machine A, start the server with the following command:

    ./frps -c ./frps.toml

  2. On machine B, start the client with the following command:

    ./frpc -c ./frpc.toml


System Startup

On Linux systems, you can use systemd to conveniently manage the startup, shutdown, background operation, and automatic startup on boot of the $frps$ server. The same applies to the $frpc$ service.

Here are the detailed steps:

  1. Install systemd

If your Linux server does not have systemd installed, you can use package managers like yum (for CentOS/RHEL) or apt (for Debian/Ubuntu) to install it:

# Install systemd using yum (CentOS/RHEL)
yum install systemd

# Install systemd using apt (Debian/Ubuntu)
apt install systemd

  2. Create the $frps.service$ file

Use a text editor (e.g., vim) to create a $frps.service$ file in the /etc/systemd/system directory to configure the $frps$ service.

$ sudo vim /etc/systemd/system/frps.service

Write the following content:

[Unit]
# Service name, customizable
Description = frp server
After = network.target syslog.target
Wants = network.target

[Service]
Type = simple
# Command to start frps, modify it to your frps installation path
ExecStart = /path/to/frps -c /path/to/frps.toml

[Install]
WantedBy = multi-user.target

  3. Manage the $frps$ service using systemd commands

# Start frp
sudo systemctl start frps
# Stop frp
sudo systemctl stop frps
# Restart frp
sudo systemctl restart frps
# Check frp status
sudo systemctl status frps

  4. Enable $frps$ to start on boot

sudo systemctl enable frps

Usage

SSH Access

ssh -o Port=6000 bb@a.a.a.a

frp forwards traffic from $a.a.a.a:6000$ to port $22$ of the internal network machine.

VSCode Access

Host AnyNameYouLike
    Hostname a.a.a.a
    Port 6000
    User bb

Troubleshooting

SSH remote connection error: kex_exchange_identification: Connection closed by remote host_maxstartups - CSDN Blog

SSH connection error: REMOTE HOST IDENTIFICATION HAS CHANGED - CSDN Blog

SSH Login Warning: WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! - Xinghen1216 - Blog Garden
