Port Forwarding - How to Expose Port from Server to Your PC by SSH Tunnel
SSH stands for “Secure Shell” or “Secure Socket Shell“. It is a cryptographic network protocol that allows two computers to communicate and share the data over on insecure network such as Internet. SSH protocols protects the network from various attacks.?
Local Port Forwarding
Starting from the one that I use the most. Oftentimes, there might be a service listening on localhost or a private interface of a machine that I can only SSH to via its public IP. And I desperately need to access this port from the outside. A few typical examples:
All of the above use cases can be solved with a single ssh command:
ssh -L local_port:remote_addr:remote_port [user@]bastion_addr
Remote Port Forwarding
Another popular (but rather inverse) scenario is when you want to momentarily expose a local service to the outside world. Of course, for that, you'll need a public-facing ingress gateway server. A few typical examples:
领英推荐
But fear not! Any public-facing server with an SSH daemon on it can be used as such a gateway:
ssh -R [server_addr:]server_port:bastion_addr:bastion_port [user@]gateway_addr
Conclusion
SSH port forwarding provides a secure way to access services on remote servers or local machines. Local port forwarding maps a remote service to a local port, while remote port forwarding maps a local service to a remote port. Both types of port forwarding have their specific use cases and benefits, but it’s important to consider the security implications when using either type.