ssh port forwarding / tunnel

Local Port Forwarding

Forward a local port to a remote host:

Forward local port 8080 to remote host's port 80.
Example: allow the local host to access a restricted webserver on the remote host.

ssh -fN -L 127.0.0.1:8080:127.0.0.1:80 user@remote.example.com
- -q = quiet
- -f = put ssh to background
- -N = Do not execute a remote command
- -L = local port forwarding
- Note: the first "127.0.0.1" is optional and prevents to publicly open the 2223 port on the local host

Forward a port to a remote host via an intermediate "jump" host:

ssh -fN -L 127.0.0.1:8080:remote.example.com:80 user@jump.example.com

Remote Forwarding / Reverse Tunneling

Open port 8080 on the remote host and forward it to port 80 on the local host.
Example: allow anyone on the remote host to access a restricted webserver on the local host.

ssh -fN -R 8080:127.0.0.1:80 user@remote.example.com
-R = remote forwarding

Useful Options

-o ExitOnForwardFailure=yes
- Exit if port forwarding cannot be established
-o ConnectTimeout=5
- Exit if connection cannot be made after 5 seconds of trying

Terminate the tunnel

fuser -k -n tcp 8080
- Terminates the tunnel by port number

Updated at 06/03/2020 08:33

https://www.ullright.org/ullWiki/show/ssh-port-forwarding

Create