How To Forward Local Host & Port via SSH Client To Remote SSH Server

By Angsuman Chakraborty, Gaea News Network
Friday, December 21, 2007

SSH is aptly termed as poor man’s VPN. You can use it to either forward local host host name and port to a remote server running ssh daemon. You can also use it to forward remote server’s port to a local host and port.

For example you may want to make a particular host and port (say running your web server) on your intranet available to a remote machine running ssh server. I use this configuration to expose our intranet web server to a manager working from home. Our intranet is behind two firewall and initiating the connection from outside is impossible. This is how we do it:

ssh -R remote_port:local_host:local_port remote_login@remote_ip

remote_port - a port which listens to incoming connections on the server and forwards them to local_host at port local_port.

remote_login - login account on remote server.
remote_ip - Remote IP address or hostname to connect to.

Note: If you ssh daemon is running on a non-standard port (recommended) then use:
ssh -p ssh_server_port -R remote_port:local_host:local_port remote_login@remote_ip

The remote_port is opened only for localhost clients by default. To open it for other clients open sshd_config (of Open SSH server) and set GatewayPorts yes. Make sure that the line is uncommented.

will not be displayed