HomeGuidesHow to Do SSH Port Forwarding (Tunneling) in Linux

How to Do SSH Port Forwarding (Tunneling) in Linux

In this tutorial, we are going tocover SSH port forwarding in Linuxthis can be a operate of the SSH utility that Unix/Linux System administrators use to make encrypted and secure relays across totally different systems.

You can use SSH port forwarding ( SSH tunneling) to make a secure association between 2 or additional systems. Applications will then use these tunnels to transmit information

Your information is just as secure as its encryptionthat is why SSH port forwarding could be a wide spread mechanism to use. scan on to seek out out additional and see the way to established SSH port forwarding on your own systems.

What is SSH port forwarding?

To put it merely, SSH port forwarding involves establishing AN SSH tunnel between 2 or additional systems and so configuring the systems to transmit a such as style of traffic through that association.

There area unit a couple of various things you’ll do with this: native forwarding, remote forwarding, and dynamic port forwarding. every configuration needs its own steps to line up, therefore we’ll reassesse very of them later within the tutorial.

Local port forwarding : is used to forward a port from the client machine to the server machine. Basically, the SSH client listens for connections on a configured port, and when it receives a connection, it tunnels the connection to an SSH server.

Remote port forwarding : is the exact opposite. An SSH tunnel is established, but the remote system is able to access your local network.

Dynamic port forwarding : allows you to create a socket on the local (ssh client) machine, which acts as a SOCKS proxy server. When a client connects to this port, the connection is forwarded to the remote (ssh server) machine, which is then forwarded to a dynamic port on the destination machine

Why You Should Use SSH port forwarding?

Since SSH creates encrypted connections, this can bea perfect resolution if you have got applications that transmit information in plaintext or use associate unencrypted protocol. this is still very true for inheritance applications.

It’s conjointly common to use it to attach to a neighborhood network from the outside—for example, associate worker victimization SSH tunnels to attach to a company’s computer network.

You may be thinking this feels like a VPN. the 2square measure similar, however making ssh tunnels is for specific traffic, whereas VPNs square measure additional for establishing general connections.

SSH port forwarding can permit you to access remote resources by simply establishing associate SSH tunnel. the sole demand is that you just have SSH access to the remote system and, ideally, public key authentication designed for password-less SSHing.

Local forwarding

Local forwarding involves forwarding a port from the shopper system to a server. It permits you to tack a port on your system in order that all connections to it port can get forwarded through the SSH tunnel.

Use the -L switch in your ssh command to specify native port forwarding. the final syntax of the command is like this:

$ ssh -L local_port:remote_ip:remote_port user@hostname.com

Example :

$ ssh -L 80:example1.com:80 example2.com

This command would forward all requests to example1.com to example2.com. Any user on this technique that opens an online browser and makes an attempt to navigate to example1.com will, within the background, have their request sent to example2.com instead and show a distinct web site.

Such a command is helpful once configuring external access to a corporation computer network or alternative non-public network resources.

Test SSH port forwarding

To see if your port forwarding is functioning properlyyou’ll use the netcat command. On the consumer machine (the system wherever you ran the ssh -L command), kind the netcat command with this syntax:

$ nc -v remote_ip port_number

If the port is forwarded and knowledge is in a position to traverse the affiliation with success, Netcat can come with a hit message, and if it doesn’t work, the connection can trip.

If you’re having bother obtaining the port forwarding to figurecertify you’re able to ssh into the remote server ordinarily which you’ve got organized the ports properly. Also, verify that the connection isn’t being blocked by a firewall.

Remote forwarding

Remote port forwarding is usedto offer remote machine access to your system. for instance, if you wish a service on your nativelaptop to be accessible by a system(s) on your company’s personal network, you’lltack remote port forwarding to accomplish that.

To set this up, issue an ssh command with the subsequent syntax:

$ ssh -R remote_port:local_ip:local_port user@hostname.com

If you have got a local web server on your laptop and would really like to grant access there to from a far off network, you may forward port eighty (common http various port) on the remote system to port 80 (http port) on your native system.

Example :

$ ssh -R 8080:localhost:80 nerds@clinerds.com

Dynamic forwarding

SSH dynamic port forwarding cancreate SSH act as a SOCKS proxy server. instead of forwarding traffic on a particular port (the meansnative and remote port forwarding do), this may forward traffic across a spread of ports.

If you have got ever used a proxy server to go to a blocked web site or read location-restricted content (like viewing stuff on Netflix that isn’t on the market in your country), you almost certainly used a SOCKS server.

It conjointly provides privacy, since you’ll be able to route your traffic through a SOCKS server with dynamic port forwarding and stop anyone from snooping log files to envision your network traffic (websites visited, etc.).

To set up dynamic port forwarding, use the ssh command with the subsequent syntax:

$ ssh -D local_port user@hostname.com

Example :

$ ssh -D 1234 nerds@clinerds.com

I hope you find the tutorial useful. let me know your thoughts in comments and if you like this post definitely share this with your geeky friends.



  1. Wow, awesome blog format! How long have you been running a blog for? you made running a blog look easy. The entire glance of your website is wonderful, let alone the content!


Please enter your comment!
Please enter your name here

Most Popular

Recent Comments