SSH Tunneling

SSH tunneling, also known as port forwarding, is a way to forward insecure TCP traffic through SSH (Secure Shell). For example, we can secure POP3 access by forwarding a non-standard local port to the remote POP3 port using SSH.

ssh -f user@mail-server -L 2000:localhost:110 -N

-f -> Requests ssh to go to background just before command execution.
-L port:host:hostport -> Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side.
-N -> Do not execute a remote command. This is useful for just forwarding ports.

Note: Only root can forward local privileged ports (0 – 1024).

Sometimes we want to access a remote server (e.g. a web application) that is behind a firewall and does not accept direct connections. In that case we can use SSH tunneling through a gateway host to reach the remote web server. The command is as follows:

ssh -f user@gateway-server -L 8000:web-server:80 -N

Once the connection is established, open http://localhost:8000 in any browser and you will be connected to the remote web site.
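
A pre-flight check for the two forwards above, as an added example that is not part of the original page: it validates a -L argument, flags a local port that needs root and a listener that other hosts could reach, and prints the command without running it. The function names are hypothetical; the optional bind_address prefix and the ExitOnForwardFailure option are OpenSSH features not mentioned on this page.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical;
# user, gateway-server and web-server are the page's placeholder names.

# is_port N: succeed if N is a decimal TCP port number (1-65535).
is_port() {
    case $1 in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# check_forward SPEC: inspect a -L argument, [bind_address:]port:host:hostport.
# Prints "ok", or the findings "needs-root" (local port below 1024, privileged
# on typical Unix systems) and/or "exposed" (listener not limited to loopback;
# assumes the default GatewayPorts=no). Exits 1 if the spec is malformed.
check_forward() (
    case $1 in *:) exit 1 ;; esac   # trailing ":" would be dropped by splitting
    set -f                          # no globbing: "*" is a valid bind address
    IFS=:
    set -- $1                       # split on ":" (IPv6 literals not handled)
    bind=localhost
    [ $# -eq 4 ] && { bind=$1; shift; }
    [ $# -eq 3 ] && is_port "$1" && [ -n "$2" ] && is_port "$3" || exit 1
    findings=
    [ "$1" -lt 1024 ] && findings="needs-root"
    case $bind in
        localhost|127.0.0.1) ;;
        *) findings="${findings:+$findings }exposed" ;;
    esac
    echo "${findings:-ok}"
)

# tunnel_cmd USER@HOST SPEC: print the page's command for a validated spec.
# ExitOnForwardFailure=yes makes ssh exit with an error if the local port
# cannot be bound, instead of staying in the background with no forward.
tunnel_cmd() {
    check_forward "$2" >/dev/null || return 1
    echo "ssh -f -N -o ExitOnForwardFailure=yes -L $2 $1"
}

# The page's two forwards, plus a constructed one that binds every interface.
for spec in 2000:localhost:110 8000:web-server:80 '*:80:web-server:80'; do
    echo "$spec -> $(check_forward "$spec")"
done
tunnel_cmd user@gateway-server 8000:web-server:80
```

Both of the page's forwards report "ok" because they listen on loopback only and use unprivileged local ports.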