ssh port forwarding / tunnel

Local Port Forwarding

Forward a local port to a remote host:

Forward local port 8080 to remote host's port 80.
Example: allow the local host to access a restricted webserver on the remote host.

  • ssh -fN -L
    • -q = quiet
    • -f =  put ssh to background
    • -N = Do not execute a remote command
    • -L = local port forwarding
    • Note: the first "" is optional and prevents to publicly open the 2223 port on the local host

Forward a port to a remote host via an intermediate "jump" host:


Remote Forwarding / Reverse Tunneling

Open port 8080 on the remote host and forward it to port 80 on the local host.
Example: allow anyone on the remote host to access a restricted webserver on the local host.

Useful Options

  • -o ExitOnForwardFailure=yes
    • Exit if port forwarding cannot be established
  • -o ConnectTimeout=5
    • Exit if connection cannot be made after 5 seconds of trying


Terminate the tunnel

  • fuser -k -n tcp 8080
    • Terminates the tunnel by port number