Using SSH to Port Forward

Using SSH to Port Forward

• The Ubuntu host must be running an SSH Server.
• The format of the client command to create an SSH tunnel to an OpenSSH host listening on the default port 22 is:

ssh -L <local port>:<remote computer>:<remote port> <user>@<remote ip>

An example is:

ssh -L 6669:94.92.10.15:6667 foowho

In this example, local port 6669 on the local client computer is tunneled by encrypted SSH over the default port 22 to the router at 94.92.10.15. The router must be set up to forward port 22 to whatever the internal LAN IP (such as 192.168.0.56) of the SSH host is. The host is running OpenSSH (ssdh service) and is set to listen to port 22. It then routes the incoming data to the host port 6667, where presumably some other program is waiting for data. foowho has an account on the host running the OpenSSH server.

SSH tunnels can also be established using URLs and even alternate ports. An example is:

ssh -L 5900:foobar.dyndns.org:5900 foowho -p 11022

In this example, local port 5900 on the client is forwarded through an SSH tunnel on port 11022 to foobar.dyndns.org. The DNS service translates foobar.dyndns.org into the appropriate WAN (Internet) IP address, where the router is listening. The router is set up to forward port 11022 to the LAN machine hosting the OpenSSH server, which is listening on port 11022. It then sends the data to whatever program is running on port 5900 on the host.

• You can forward a local port to a different port on the remote host.

Example: Make port 80 (web server/browser) on the remote host at 10.0.2.10 available locally as port 81

ssh -L 81:10.0.2.10:80 [email protected]

• You can create secure SSH tunnels to multiple hosts using multiple ports.

ssh -L 81:10.0.2.10:80 -L 82:10.0.2.20:80 -L 83:10.0.2.30:80 [email protected]

Now, local port 81 locally forwards to port 80 on the host at 10.0.2.10, local port 82 forwards to port 80 on the host at 10.0.2.20 and local port 83 forwards to port 80 on the host at 10.0.2.30. In this example, user has an account on all three host machines at 10.0.2.10, 10.0.2.20, and 10.0.2.30.

• Once port forwarding is set up by ssh, an application is directed to the SSH tunnel for port usage by using the loopback as the destination.

Example 1:

ssh -L 81:10.0.2.10:80 [email protected]

http://localhost:81 or http://127.0.0.1/:81

will direct a web browser to use port 81 locally, which is being redirected by SSH to port 80 on the remote host at 10.0.2.10.

Example 2:

ssh -L 5900:foobar.dyndns.org:5900 foowho
vncviewer 127.0.0.1 or vncviewer localhost

will direct vncviewer (which uses port 5900 by default) to direct its traffic through the ssh tunnel to the host at foobar.dyndns.org, where, presumably, a VNC server is listening on port 5900.