In general, SSH tunneling creates a secure connection between a local computer and a remote machine through which services can be relayed (the important part). Because the connection is encrypted, SSH tunneling is useful for transmitting information that uses an unencrypted protocol, such as IMAP, VNC, or IRC (the not-so-important part).
A case where I found this to be a useful technique was when I had a remote machine running a web server but because of various reasons (e.g. security concerns) there was no public open port available (that I could use).
If such a port existed (e.g. 9876), I could simply access the web server from my favorite web browser just by providing the appropriate URL address (e.g. http://example.com:9876).
But fortunately enough, I had SSH access to that remote machine.
This is how it works:
- On the remote machine, the web server is running using whatever (maybe non-public) port we like (e.g.
9876) - Use SSH to connect to the remote machine, but in a specific way that will forward a port on the remote machine to a port on our local computer (e.g.
8080) -- this is the important part - On our local computer, we use our web browser to access the web server by providing the following URL address:
http://localhost:8080
Linux local computer (more info)
We connect to our remote machine using ssh -L 8080:localhost:9876 george@example.com
Windows local computer (more info)
One simple solution is using an SSH client like PuTTY (or my prefered alternative/fork KiTTY).
- Go to "Connection" -> "SSH" -> "Tunnels"
- Tick the option "Remote ports do the same (SSH-2 only)"
- In the "Source port" field use
8080 - In the "Destination" field use
example.com:9876 - Click "Add"
- Connect to the remote machine
hi,
its possible to do this setting with SecureCRT?
Thanks