Tunnelling allows connections to be made to remote services through an encrypted connection. This is useful if there is a firewall preventing your access to a server from one machine, but you do have access to the server from another machine to which you can use ssh to connect.
Ssh uses port forwarding to establish a connection between a local port and the port on the remote machine that runs the service to be tunnelled (which might be POP or FTP or HTTPS, for example). Once port forwarding is set up, you connect to the local port, which then forwards the connection through ssh to the remote port. That is, all requests sent to the local port are carried inside the encrypted ssh connection to the remote port, and to the service on the remote port it appears that you are actually on that remote host.
You will either receive a message stating the version of the remote ssh server or an error message similar to:
The ssh syntax for port forwarding is:
A useful example is tunnelling of POP as described in Section 28.3.1. We list a number of actual examples here:
Suppose you want to access your secure HTTPS server from outside the secure network. The HTTPS server uses port 443. Suppose you have ssh access to host lynx. Establish the tunnel with:
Then you can access this firewall-protected HTTPS server locally through https://localhost:5443/.
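The HTTPS case above as an added example (not code from the original page): a small script that validates its arguments and builds the local forward with the listener bound to loopback only. The host lynx and ports 5443 and 443 come from the text; the target name `intranet.example.com` and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. "lynx", 5443 and 443 come from the page; the target
# host name used in the usage line is a hypothetical placeholder.

# valid_port PORT: succeed only for a decimal integer in 1..65535.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -le 65535 ]
}

# valid_host NAME: reject empty names, names starting with '-' (ssh would
# parse them as options) and anything outside host-name characters.
valid_host() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
}

# tunnel_cmd LOCAL_PORT TARGET_HOST TARGET_PORT SSH_HOST
# Prints the ssh command for a local forward, or fails on bad input.
tunnel_cmd() {
    lport=$1 thost=$2 tport=$3 shost=$4
    valid_port "$lport" || { echo "bad local port: $lport" >&2; return 1; }
    valid_port "$tport" || { echo "bad target port: $tport" >&2; return 1; }
    valid_host "$thost" || { echo "bad target host: $thost" >&2; return 1; }
    valid_host "$shost" || { echo "bad ssh host: $shost" >&2; return 1; }
    # -N: no remote command, forwarding only.
    # ExitOnForwardFailure=yes: exit instead of running without the forward
    #   when the local port cannot be bound.
    # 127.0.0.1: bind the listener to loopback so other machines on the
    #   local network cannot use the tunnel.
    printf 'ssh -N -o ExitOnForwardFailure=yes -L 127.0.0.1:%s:%s:%s %s\n' \
        "$lport" "$thost" "$tport" "$shost"
}

# Usage: sh tunnel.sh 5443 intranet.example.com 443 lynx
if [ "$#" -eq 4 ]; then
    cmd=$(tunnel_cmd "$@") || exit 1
    echo "running: $cmd" >&2
    # Word splitting is safe here: every field was validated above.
    exec $cmd
fi
```

Because the browser connects to localhost, the name in the server's certificate will not match the URL, so check the certificate against the real server's before accepting it.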
Here's an example using POP:
Then you can access the POP server on your local machine.
Friday 13 December 2013 09:46:46 1386928006