Forward remote port to local using ssh

Today, 20th March 2023, Ukraine is still bravely fighting for democratic values, human rights and peace in whole world. Russians ruthlessly kill all civilians in Ukraine including childs and destroy their cities. We are uniting against Putinโ€™s invasion and violence, in support of the people in Ukraine. You can help by donating to Ukrainian's army.

If you did not hear about SSH tunneling before, you must check it out! The method is known as SSH Port Forwarding / SSH Tunneling / SSH Proxying. Usecases:

Let me show you, it is easy as ABC:

Assume you have a remote host with IP rhost_ip and a system user remote_user which you can connect by ssh via 22 port.

To test the connection use:

ssh [email protected]rhost_ip

if it works you will see a new bash interpreter in your terminal (e.g. bash). Exit from it using Ctrl+D

Assume you need to connect from your local machine to port 8080 on the remote host. But you have no 8080 port opened/forwarded to public IP (rhost_ip).

In this case, you can forward it over ssh to same or another local port.

ssh -L 3000:localhost:8080 remote_user@rhost_ip

This will start SSH session and make forwarding which will be alive with the session.

Then just connect to localhost:3000 and it will give you response to remote host port 8080.

Note: 3000 port should not be already used (bound) on localhost before running ssh command.

BTW: to check all opened ports on the local host use:

sudo netstat -tulpn

To check opened ports on the remote host, run it after connecting via SSH.

๐Ÿ˜Ž This console-based method works for any ports. However the SSH is so cool and secure, that is integrated in a lot of Desktop software which connects to remote PORTS, e.g. all database agents like Mysql Workbench or pgAdmin. When you create new server connection there you just can select SSH Tunneling, and specify host like localhost, plus define user and ssh private key/password

โŒ› ๐Ÿ”‘ To save time and get unbrackable secrity we always recomment using KEYPAIR instead of typing password each time. To generate keypair (~/.ssh/id_rsa+ /.ssh/id_rsa) use ssh-keygen, then to install private jey to remote host use ssh-copy-id [email protected]_ip. Then connect and password will not be asked๐Ÿฅณ

Port forwarding mechanism preview (galvanometer)

#ssh #port-forwarding #security
Ivan Borshchov profile picture
Feb 24, 2017
by Ivan Borshchov
Did it help you?
Yes !

Best related