SSH tunneling is a method for securely forwarding network traffic between a local machine and a remote server. It leverages the encryption of SSH (Secure Shell) to protect data in transit and is useful for secure remote access, bypassing firewall restrictions, or accessing services on a private network.
By creating an encrypted tunnel, SSH tunneling allows you to forward network connections through a secure channel. There are three primary methods of SSH tunneling:
| Method | Command Option | Description |
|---|---|---|
| Local Port Forwarding | -L |
Forwards a port from your local machine to a remote host and port. |
| Remote Port Forwarding | -R |
Forwards a port from the remote server back to your local machine. |
| Dynamic Port Forwarding | -D |
Creates a SOCKS proxy that dynamically forwards traffic. |
Local port forwarding directs connections from a specified port on your local machine to a destination address and port on a remote network. This is useful for securely accessing remote services as if they were local.
Basic Syntax:
ssh -L [local_port]:[destination_host]:[destination_port] [user]@[ssh_server]Example: Forward your local port 8888 to localhost:80 on the remote server server.example.com:
ssh -L 8888:localhost:80 [email protected]After executing this command, browsing to http://localhost:8888 will securely tunnel your connection to the remote web server.
Remote port forwarding enables a remote SSH server to forward a port to a host and port on your local machine. This is useful when you want to provide remote users access to a local service.
Basic Syntax:
ssh -R [remote_port]:[destination_host]:[destination_port] [user]@[ssh_server]Example: Forward remote port 9000 on server.example.com to localhost:3000 on your local machine:
ssh -R 9000:localhost:3000 [email protected]Remote users connecting to server.example.com on port 9000 will have their traffic tunneled to your local service running on port 3000.
Dynamic port forwarding sets up a SOCKS proxy on your local machine. With this method, you can route traffic dynamically, allowing applications to send their data through the secure SSH tunnel.
Basic Syntax:
ssh -D [local_port] [user]@[ssh_server]Example: Set up a SOCKS proxy on local port 1080:
ssh -D 1080 [email protected]You can configure your web browser or other applications to use localhost:1080 as a SOCKS proxy to secure your traffic.
On modern Windows systems, OpenSSH is available by default. You can run SSH tunneling commands directly in PowerShell. For instance, to start a local port forwarding tunnel:
ssh -L 8888:localhost:80 [email protected]If you want to run the tunnel as a background process, you can use PowerShell's Start-Process:
Start-Process ssh -ArgumentList "-L 8888:localhost:80 [email protected]"This command opens the tunnel in a separate process, allowing you to continue using the current session.
If you prefer using PuTTY’s command-line tool plink.exe (for instance, if OpenSSH isn’t available), you can set up an SSH tunnel similarly. Make sure plink.exe is installed and available in your PATH.
Example (Local Port Forwarding):
plink.exe -L 8888:localhost:80 [email protected]This command creates a tunnel where local port 8888 is forwarded to localhost:80 on the remote server.
-i option (e.g., ssh -i C:\path\to\key -L ...).autossh or running the tunnel command in a background process or service.SSH tunneling is a powerful technique for securing network connections and bypassing network restrictions. Whether you are using local, remote, or dynamic port forwarding, these methods help you create encrypted paths for your data. Experiment with the different methods to find the one that best fits your workflow and security requirements.