April 05, 2010

SSH Port Forwarding and Tunneling


Sometimes it's useful to forward a port from a source machine to a target machine. Port forwarding is used, for instance, by a router that creates a subnetwork; in that case the router acts as a port delegator.

Port forwarding has a security function as well. For example, you may want to hide your web server from the public network. You can then tunnel the HTTP port from the machine in your secured network to a machine in your public network.

The following examples describe how to forward a remote or a local port via SSH. By default SSH binds the forwarded port to localhost (127.0.0.1). To change this you have to set the GatewayPorts parameter to yes in /etc/ssh/sshd_config. With that setting the forwarded port is reachable from other hosts, not only from the server itself.

Remote Port Forwarding example:

#you want to forward a local port to a remote machine
ssh -v -g -R remoteport:localhost:localport root@remotehost

#e.g. forwarding my local webserver on port 8080 to http://developers-blog.org:80
ssh -v -g -R 80:localhost:8080 root@developers-blog.org

#to bypass the ClientAliveInterval you can append a while loop that keeps the SSH connection open
ssh -v -g -R 80:localhost:8080 root@developers-blog.org "while [ 1 ]; do sleep 10; echo 'loop step'; done"

Local Port Forwarding example:

#you want to forward a remote port to your local machine
ssh -v -g -L localport:remotehost:remoteport root@remotehost

#e.g. i want to see my local webserver on my 
ssh -v -g -L 8080:developers-blog.org:80 root@developers-blog.org

#to bypass the ClientAliveInterval you can append a while loop as well
ssh -v -g -L 8080:developers-blog.org:80 root@developers-blog.org "while [ 1 ]; do sleep 10; echo 'loop step'; done"
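
The following is an added example, not part of the original post: a small shell audit of the two server-side settings this setup relies on, GatewayPorts and root login. The function names, the sample configuration and its `tunnel` user are constructed for illustration, and the script assumes `Keyword value` lines in the global section of sshd_config.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes "Keyword value" lines;
# reads only the global section and does not follow Include files.

# effective_value FILE KEYWORD DEFAULT
# sshd keeps the first value it sees; keywords are case-insensitive.
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        /^[ \t]*(#|$)/ { next }                 # comments and blank lines
        tolower($1) == "match" { exit }         # stop at the first Match block
        tolower($1) == key { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# audit_forwarding FILE: prints findings, returns 1 if any WARN was raised.
audit_forwarding() {
    gw=$(effective_value "$1" GatewayPorts no)
    fwd=$(effective_value "$1" AllowTcpForwarding yes)
    root=$(effective_value "$1" PermitRootLogin prohibit-password)
    warn=0
    case $fwd in
        yes|all|remote)
            if [ "$gw" != no ]; then
                echo "WARN GatewayPorts=$gw: -R listeners may bind beyond 127.0.0.1"
                warn=1
            fi ;;
        *)  echo "INFO AllowTcpForwarding=$fwd: -R requests are refused" ;;
    esac
    if [ "$root" = yes ]; then
        echo "WARN PermitRootLogin=yes: root may log in directly, password included"
        warn=1
    fi
    return "$warn"
}

# Constructed sample: the setup the post describes (GatewayPorts yes, root login).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sshd_config
PermitRootLogin yes
gatewayports yes
GatewayPorts no
Match User tunnel
    AllowTcpForwarding no
EOF
audit_forwarding "$sample" || echo "review the WARN lines above"
```

Run it against a copy of the server's own /etc/ssh/sshd_config by calling `audit_forwarding` with that path; `sshd -T` prints the fully resolved configuration if Match blocks or Include files are in use.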

Regards
Rafael Sobek


Posted by rafael.sobek at 5:23 AM in Linux

 


Comment: same at Mo, 5 Apr 7:53 AM

Hope you're not doing that from within the company's network. ;-)

Also channeling all data to your web server through SSH encryption WILL cause you a significant amount of additional load on your machine. You might be better off with simple port forwarding and no encryption, right?

Using the root account for connection to the remote server might also not be the best approach.

Comment: Rafael Sobek at Mo, 5 Apr 8:59 AM

Hi Same,

That's only an example to try out. On an intranet, simple port forwarding is clearly the right thing. Tunneling to external networks should be better encrypted.

Rafael
