SSH port forwarding

Published: Wednesday, Dec 26, 2007 Last modified: Wednesday, Oct 2, 2024

My home machine is behind a firewall. But I still want to connect to it. I have a server dabase.com on the internet. I run this command on my home machine.

ssh -R 8000:localhost:22 dabase.com

Now I ssh to dabase.com and then ssh again to localhost:8000 to get to my home machine.

Another scenario:

debian machine is on the local network. server is out there on the big bad Internet. The firewall on the server only allows 22(ssh),80(web/http) and 443(https). If I want to use say Webmin (hehe, joke), VNC(remote desktop) or Oracle’s Enterprise Manager I don’t really want to open a port especially for these (insecure) applications. So instead of a iptables insert and restart (and hoping no one is sniffing), I just use ssh. Problem is this only seem to work on the local machine (for me). So if you’re using Windows you need to install cygwin and ssh that is packaged with it.

Try this:

debian$ ssh -L 8080:localhost:80 server.example.com

Then I point my local browser at http://localhost:8080 and I am using Apache over at the server! How cool is that? :)