SSH Port forwarding from remote to local machine
SSH has a wonderful feature called SSH Port Forwarding, also known as SSH Tunneling, which allows you to establish a secure SSH session and then tunnel arbitrary TCP connections through it. Tunnels can be created at any time, with almost no effort and no programming, which makes them very appealing.
Here I’ll illustrate it using an example. Suppose you have installed and configured Jabber Instant Messaging Server (check out tutorial on this site). You found later that in the Server machine, there’s no GUI available and you need to access its graphical web admin interface. In this case, you can easily forward port from Server machine to your own PC to access the admin interface. You might know that ejabberd (Jabber Server) web admin interface is available on port 5280.
Just for checking, try once to telnet to port 5280 on locahost:
[root@Desktop]# telnet localhost 5280
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host: Connection refused
The connection was refused as there’s no service to entertain the request on specified port.
Let’s do the forwarding now. The syntax is: ssh -L localport:remotehost:remoteport remotehostip
Here is the example:
[root@Desktop]# ssh -L 5280:localhost:5280 192.168.0.38
Password: ******
[root@Server]#
You will be logged in Server and the specified port will be forwarded to your host. Sometimes, its uncomfortable to login in the Server while we just need to do only port forwarding, you can avoid logging in Server by using -N option with ssh command.
Just jump to another another shell and try to telnet localhost now:
[root@Desktop]# telnet localhost 5280
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
Cool. you are able to connect. Open your browser and type: http://localhost:5280/admin/ to open the web admin interface of ejabberd IM Server.
