Skip to content

Instantly share code, notes, and snippets.

Last active June 3, 2020 13:50
Show Gist options
  • Save gkastrinis/0d05ab2f49ca67f18fc73c96e09f28d6 to your computer and use it in GitHub Desktop.
Save gkastrinis/0d05ab2f49ca67f18fc73c96e09f28d6 to your computer and use it in GitHub Desktop.
SSH Tunneling (a.k.a. Port Forwarding)

SSH Tunneling (a.k.a. Port Forwarding)

In general, SSH tunneling creates a secure connection between a local computer and a remote machine through which services can be relayed (the important part). Because the connection is encrypted, SSH tunneling is useful for transmitting information that uses an unencrypted protocol, such as IMAP, VNC, or IRC (the not-so-important part).

A case where I found this to be a useful technique was when I had a remote machine running a web server but because of various reasons (e.g. security concerns) there was no public open port available (that I could use). If such a port existed (e.g. 9876), I could simply access the web server from my favorite web browser just by providing the appropriate URL address (e.g. But fortunately enough, I had SSH access to that remote machine.

This is how it works:

  1. On the remote machine, the web server is running using whatever (maybe non-public) port we like (e.g. 9876)
  2. Use SSH to connect to the remote machine, but in a specific way that will forward a port on the remote machine to a port on our local computer (e.g. 8080) -- this is the important part
  3. On our local computer, we use our web browser to access the web server by providing the following URL address: http://localhost:8080

The important part

Linux local computer (more info)

We connect to our remote machine using ssh -L 8080:localhost:9876

Windows local computer (more info)

One simple solution is using an SSH client like PuTTY (or my prefered alternative/fork KiTTY).

  1. Go to "Connection" -> "SSH" -> "Tunnels"
  2. Tick the option "Remote ports do the same (SSH-2 only)"
  3. In the "Source port" field use 8080
  4. In the "Destination" field use
  5. Click "Add"
  6. Connect to the remote machine
Copy link

its possible to do this setting with SecureCRT?

Copy link


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment