$ ssh yourhost.com -L 7000:localhost:6379
----- ---------------- ----------------- --------------
| RDM | -- localhost:7000 --> | OpenSSH, `ssh` | -- yourhost.com:22 --> | OpenSSH, `sshd` | -- localhost:6379 --> | redis-server |
----- ---------------- ----------------- --------------
(1) (2) (3)
- RDM connects and sends data locally on port 7000 to the OpenSSH process - unencrypted
- OpenSSH encrypts the data and sends it to your destination host on port 22.
(-- internet --)
- OpenSSH receives the data on the remote host and decrypts the stream. Then sends the clear text data locally to the redis-server instance on port 6379.
You can shorten the command to something like
ssh redis-tunnel, if you create aHost redis-tunnelentry in your~/.ssh/config:Host redis-tunnel HostName yourhost.com # http://man.openbsd.org/ssh_config#IdentitiesOnly IdentitesOnly yes User remote-redis IdentityFile ~/path/to/your/private/remote-redis@yourhost.com.key # The tunneling # http://man.openbsd.org/ssh_config#LocalForward LocalForward 7000 localhost:6379Use this config with
ssh redis-tunneland then connect tolocalhost:7000with your client.