SSH Tricks #1: SSH Port Forwards

SSH is the ultimate tool for shifting bits around networks in a secure manner. This is the first of a series of articles on SSH tips. This article is all about the basics; as the tips progress, we will get trickier.

Overview

Port forwards are a way of mapping a TCP port from one side of the ssh connection to the other. They are established using the -L and -R parameters to the ssh command, which stand for local and remote port forwards. A local forward takes a port on the local machine and connects it to an IP address and port reachable from the remote machine. As you might suspect, a remote forward takes a port on the remote machine and connects it to an IP address and port reachable from the machine you are connecting from.

Examples

You could forward port 80 from an internal web server to port 8188 on the machine you are connecting from. This is a sort of poor man’s VPN: you can gain access to resources inside your network via SSH local port forwards. After connecting to your gateway machine you would be able to access the web server at http://localhost:8188. The command would look like this:

superbox$ ssh -L 8188:internalweb:80 homerouter

Another common use for this is securing VNC access. Many VNC servers offer the option to only accept connections from localhost. By combining this option with an ssh local forward you can create an encrypted VNC session. This would be done with the following command, in which localhost is resolved on the remote side and therefore refers to vncserver itself:

superbox$ ssh -L 5900:localhost:5900 vncserver

Remote port forwards are much less common. Let’s say you have a local web server running on your workstation and you’d like your friend to take a look at an error in a hot new web app you’re developing. The catch is you don’t want to let them log in to your machine to do a local forward to gain access to your server. In this case you could use a remote port forward like this:

superbox$ ssh -R 8188:localhost:80 untrusted-friend

Your somewhat trustworthy friend could then access your web server at http://localhost:8188.
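
As a way to read the three commands above, the following shell function breaks a -L or -R argument into which side listens, on which address, and which side makes the onward connection. It is an added example, not part of the original article; describe_forward is a name chosen here, and it assumes the default GatewayPorts setting and does not handle IPv6 bracket syntax.

```shell
#!/bin/sh
# Added example (not from the original article): explain a forward spec of
# the form [bind_address:]port:host:hostport as taken by ssh -L and ssh -R.
# Assumes GatewayPorts is at its default; no IPv6 brackets or Unix sockets.

describe_forward() {
    flag=$1; spec=$2
    case $flag in
        -L) listener="local machine";  dialer="remote machine" ;;
        -R) listener="remote machine"; dialer="local machine" ;;
        *)  echo "error: flag must be -L or -R" >&2; return 2 ;;
    esac

    # Split the spec on ':' without globbing; a leading empty field is kept.
    old_ifs=$IFS; IFS=:; set -f
    set -- $spec
    set +f; IFS=$old_ifs

    case $# in
        3) bind=127.0.0.1;   port=$1; host=$2; hostport=$3 ;;  # default: loopback
        4) bind=${1:-"*"};   port=$2; host=$3; hostport=$4 ;;  # empty means '*'
        *) echo "error: expected [bind_address:]port:host:hostport" >&2; return 2 ;;
    esac

    # Ports must be decimal and at most 65535.
    for p in "$port" "$hostport"; do
        case $p in
            ''|*[!0-9]*) echo "error: bad port '$p'" >&2; return 2 ;;
        esac
        [ "$p" -le 65535 ] || { echo "error: port $p out of range" >&2; return 2; }
    done

    # Who else can reach the listening port? For -R, a non-loopback bind
    # address only takes effect if the server enables GatewayPorts.
    case $bind in
        127.0.0.1|localhost) exposure="loopback only" ;;
        '*'|0.0.0.0)         exposure="all interfaces" ;;
        *)                   exposure="one interface" ;;
    esac

    printf '%s listens on %s:%s (%s); %s connects to %s:%s\n' \
        "$listener" "$bind" "$port" "$exposure" "$dialer" "$host" "$hostport"
}

# The three forwards used in this article.
describe_forward -L 8188:internalweb:80
describe_forward -L 5900:localhost:5900
describe_forward -R 8188:localhost:80
```

The host part of each spec is always resolved by the side that makes the onward connection, which is why localhost means vncserver in the second command and your own workstation in the third.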

In the next installment of this series we will reveal a way to make your SSH connection behave even more like a VPN.
