It amazes me when a $50 device supports ssh tunelling! I wanted to run the web interface on a MikroTik router I’d just installed. Command line access is all very well, but for a lot of stuff, the web interface is a lot quicker (and less error prone).
On the MikroTik, no configuration changes were required at all. An ssh server is provided out of the box on MikroTik routers.
On my laptop at home, I did this:
ssh -f -N -L 80:localhost:80 admin@routername
-f parameter means “drop into the background after asking for any input that’s needed”. The
-N parameter means “don’t execute any commands”. And the
-L parameter says “if I connect on port 80 of localhost, forward the connection over the ssh link to port 80 on the remote machine”.
After being prompted for my password, I could then type “localhost” into the location bar of my browser and use the web interface on the Mikrotik router.
How cool is that?
The ssh tunnel will stay up indefinitely. To take it down, I just kill -TERM the appropriate process locally.