SSH Tunneling part 1 - Local Forwarding

    Date28 Feb 2003
    Posted ByAnthony Pell
    Want to encrypt an otherwise cleartext transmission? SSH Tunneling may be the tool for you.. . . Want to encrypt an otherwise cleartext transmission? SSH Tunneling may be the tool for you.

    SSH tunnelling is, in a word, cool. If you can SSH from one host to another, you can tunnel other TCP connections over the secure encrypted SSH session. This allows you to protect an otherwise cleartext protocol, or allow arbitrary connections to machines that w ould otherwise be unaccessible.

    There are two kinds of tunneling - LocalForwards and RemoteForwards. Let's cover the first, which is used more frequently.

    A local forward is a tunnel from your local machine through the SSH server. You can create one on the command line by adding ssh arguments of the following form:

       -L local_port:destination_host:destination_port 

    where the bits are defined as follows:

    Create a local forward (bind a local port, and forward it through the remote end.)

    The port on the local machine that /usr/bin/ssh will listen on. This can be a port number or a service name like http, pop3, or mysql.

    The destination host (name or IP address) from the perspective of the SSH se rver. This can be a host that is not accessible at all from the SSH client. For example if your SSH sessions ends behind a firewall and the SSH server can resol ve "" that's fine, even if the SSH client can't reach or find an IP address for that machine directly.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.