
SSH Port Forwarding (Tunneling)

SSH (Secure Shell) is a widely used protocol for system administration and file transfer. It provides secure encrypted communication between two hosts over an insecure network. One of the key features of SSH is port forwarding, also known as SSH tunneling, which allows users to create encrypted connections and forward network traffic through SSH sessions. This guide will provide a comprehensive overview of SSH port forwarding, including its types and practical examples.

Prerequisites

Before you begin using SSH port forwarding, ensure the following prerequisites are met:
  • If using OpenSSH server, ensure the AllowTcpForwarding and GatewayPorts options are appropriately configured in sshd_config. AllowTcpForwarding (default: yes) controls whether the server permits forwarding at all. GatewayPorts (default: no) affects only remote (-R) forwards: when set to yes, every remote forward listens on all of the server's interfaces instead of only its loopback address, so enable it only if hosts other than the server itself need to reach the forwarded port.
sudo nano /etc/ssh/sshd_config
  • Ensure the following lines are present and set to yes:
AllowTcpForwarding yes
GatewayPorts yes
  • Restart the SSH server to apply the changes.
sudo systemctl restart sshd
  • An SSH client should be installed on the local computer.
  • For Unix-like systems, an SSH client is usually pre-installed.
  • For Windows, consider using the OpenSSH package from MSYS2 or Cygwin, or PuTTY as an alternative.

Local Port Forwarding

Local port forwarding (-L) forwards traffic from a port on the local machine, through the SSH session, to a destination host as seen from the SSH server.

Forwarding Database Traffic

ssh -L 4000:127.0.0.1:3306 user@example.com
  • This command forwards connections to port 4000 on the local machine, through the SSH session, to port 3306 (MySQL) on the remote server. The address 127.0.0.1 is resolved on the SSH server, so this reaches a MySQL instance bound to the server's own loopback interface.
  • After executing this command, you can connect to the database from the local machine by pointing the client at 127.0.0.1:4000.

Forwarding Multiple Ports

ssh -L 5901:127.0.0.1:5901 -L 4000:127.0.0.1:3306 user@example.com
  • This command forwards traffic from port 5901 (VNC) and port 4000 (MySQL) on the local machine to the respective ports on the remote server.
Note: VNC stands for Virtual Network Computing. It is a graphical desktop sharing system that allows users to remotely control and interact with the graphical desktops of computers or servers over a network connection.

Forwarding to Internal Servers

ssh -L 4000:server003.local:3306 user@example.com
  • This command forwards traffic from port 4000 on the local machine to port 3306 (MySQL) on a server named server003.local within the internal network. The name is resolved by the SSH server, so the target can be a host that is reachable only from the server's internal network.

Remote Port Forwarding

Remote port forwarding (-R) forwards traffic from a port on the SSH server back through the SSH session to a destination reachable from the local machine.

Sharing Local Web Application

ssh -R 7000:127.0.0.1:8000 user@example.com
  • This command forwards connections to port 7000 on the remote server, back through the SSH session, to port 8000 (web application) on the local machine. By default the listener on the server binds to its loopback address only; with GatewayPorts yes (see the prerequisites) it binds to all of the server's interfaces and the application becomes reachable from other hosts.

Configuring Remote Access to Local Resources

ssh -R 8080:192.168.100.1:8000 user@example.com
  • This command forwards traffic from port 8080 on the remote server to port 8000 (web application) on the local machine at IP 192.168.100.1. The destination address is resolved on the local machine's side, so it can be the local machine's own LAN address or any host the local machine can reach.
  • Allows remote access to a locally hosted web application.

Dynamic Port Forwarding

Dynamic port forwarding (-D) creates a SOCKS proxy on the local machine, allowing traffic to be forwarded through the SSH server dynamically.
ssh -D 4000 user@example.com
  • This command creates a SOCKS proxy on port 4000 on the local machine, using the SSH server as a gateway.
  • Applications can be configured to use this proxy for secure communication.
Tips

  • Configure application settings to use the SOCKS proxy.
  • Consider using browser extensions for easy proxy setup.
  • Use the -N flag so that no remote command or shell is started when you only need the forwards.
  • Use the -f flag to send SSH to the background once authentication is complete (typically combined with -N).
  • Avoid running HTTP servers on the remote machine when using SSH as a proxy.
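The three forwarding types above differ in where the listening socket lives and who can reach it. The following Python helper, added here as an example and not part of the original page, parses the -L/-R/-D options of an ssh command line and reports each listener's side, port, and reachability, taking the server's GatewayPorts value into account for -R forwards. The function name audit_forwards and the sample command lines are constructed for this example; bracketed IPv6 literals and combined short options such as -Nf are assumed not to occur.

```python
import shlex
LOOPBACK = {"", "localhost", "127.0.0.1", "::1"}   # binds that stay host-local

def _split_spec(kind, spec):
    """Return (bind_addr, port, host, hostport) for one -L/-R/-D spec."""
    # -D takes [bind_address:]port; -L and -R take [bind_address:]port:host:hostport
    parts = spec.split(":")
    want = 1 if kind == "D" else 3
    if len(parts) == want:          # no bind address given
        parts = [""] + parts
    if len(parts) != want + 1:
        raise ValueError(f"bad -{kind} spec: {spec}")
    bind, port = parts[0], int(parts[1])
    host, hostport = (None, None) if kind == "D" else (parts[2], int(parts[3]))
    return bind, port, host, hostport

def audit_forwards(command, gateway_ports="no"):
    """Describe every listener an ssh command line creates.
    gateway_ports is the sshd GatewayPorts value ("no", "yes", "clientspecified");
    it matters only for -R, whose listener lives on the server.
    Returns a list of (kind, side, port, reachable_from, destination)."""
    argv = shlex.split(command)
    gflag = "-g" in argv            # -g opens -L/-D listeners to remote hosts
    out, i = [], 1                  # argv[0] is "ssh"
    while i < len(argv):
        arg = argv[i]
        if len(arg) < 2 or arg[0] != "-" or arg[1] not in "LRD":
            i += 1
            continue
        kind = arg[1]
        spec = arg[2:] if len(arg) > 2 else argv[i + 1]   # "-L4000:..." or "-L 4000:..."
        i += 1 if len(arg) > 2 else 2
        bind, port, host, hostport = _split_spec(kind, spec)
        if kind == "R":
            side = "server"
            if gateway_ports == "yes":
                reach = "any host"       # sshd forces the wildcard address
            elif gateway_ports == "clientspecified" and bind not in LOOPBACK:
                reach = "any host" if bind == "*" else bind
            else:
                reach = "loopback"       # default: the server's localhost only
        else:
            side = "client"
            if gflag or bind in ("*", "0.0.0.0", "::"):
                reach = "any host"
            else:
                reach = "loopback" if bind in LOOPBACK else bind
        dest = "SOCKS proxy" if kind == "D" else f"{host}:{hostport}"
        out.append((kind, side, port, reach, dest))
    return out
```

Running it over the page's own -R example with gateway_ports="yes" shows the listener reported as reachable from any host, which is the exposure the GatewayPorts prerequisite introduces.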

— Nadir Habib 2024/03/30 21:17

  • elosys/ssh_tunneling.txt
  • Last modified: 2024/03/30 21:32
  • by nadir