Sometimes, it’s desirable to connect to a remote machine running a specific service without enabling it for the whole Internet. This can be done with port forwarding.
Port forwarding allows you to bind a local IP socket to a remote one so that you can access to a service running in the remote machine as you would if it was running on your own computer.
SSH can handle that situation adding a secure layer. It can create an encrypted tunnel to connect the ports and all you need is to have an SSH server running anywhere on the network.
A simple case: SSH server running on the remote host
ssh -L [local_IP_address]:local_port:remote_host:remote_port remote_host
Local_IP_address is an optional parameter that allows you to specify which address you want to use in case your local computer has multiple IP addresses. It’s important to notice that when you run that command an SSH session will be opened and the port forwarding will be active until you log out from that session.
An exotic situation: SSH server on a third machine
The only restriction on that command is that the remote_host parameter should be a domain the SSH server can resolve or an address the SSH server can reach to. Therefore, you can use an SSH server to bind sockets from other machines. For example, you can access The Linux Kernel Archives from a local port!
ssh -L 9090:kernel.org:80 ssh_server
Now, open your browser and go to http://localhost:9090. Are you impressed?
