Have you ever wondered what port forwarding is or what the difference between local and remote port forwarding is? Port forwarding is a way to forward or “tunnel” TCP traffic through SSH from one machine to another. Using just one line of code, you can create an outgoing tunnel, forward your IP requests over that tunnel, and receive the response. In this way you can pull the data from a remote server to a local server (local port forwarding), and your local machine acts as a proxy server for the remote one. Or you can create an incoming tunnel to a remote server which receives IP requests, forwards them over that tunnel to the local server where it is processed and sent back again. Thus it is possible to push data from a local server to/through a remote server (remote port forwarding).

Local Port Forwarding (Outgoing Tunnel):

  • Principle: Local host forwards/displays content of remote host. Local host acts as proxy. Tunneling opens a listening socket on localhost and transfers content to remote server
  • Command: ssh -L local_port:remote_host:remote_port login@servername
  • Tunnel: local host -(SSH tunnel)→ remote host -(SSH tunnel)→ local host
  • Example: check remote host behind load-balancer or firewall on localhost

Remote Port Forwarding (Incoming Tunnel):

  • Principle: remote host forwards content of localhost. Remote host acts as proxy. Tunneling opens a listening socket on the remote server host and transfers the content to the local host
  • Command: ssh -R remote_port:local_host:local_port login@servername
  • Tunnel: remote host -(SSH tunnel)→ local host -(SSH tunnel)→ remote host
  • Example: make localhost visible in the internet or giving access to a service on your home machine to people at work