SSH Port Forwarding

Wednesday, March 04, 2009 12:37 am Brian T. Pence
Print

SSH provides a feature known as port forwarding (or tunneling) that allows you to securely tunnel data from other less secure applications through the SSH encrypted session.  Connections can either be initiated locally and forwarded to a server on the remote network or can be initiated on the remote and forwarded to the local network.  X11 forwarding can also be performed, which is always from the remote host to local network.

SSH port forwarding is available in AbsoluteTelnet/SSH in either SSH1 mode or SSH2 mode.  The feature can be accessed through the Options->Properties->Connection menu on either the SSH1 or SSH2 tab.

ssh port forwarding

Click the 'Forwarding' button to bring up the forwarding configuration dialog (below)

ssh forwarding setup

Multiple forwarding channels can be added.  Click the 'Add' button to add either a 'remote to local' or 'local to remote' forwarding definition.  Click the 'X Forwarding' button to enable X11 forwarding.  Remember, though, that if you have an openly active session, you'll have to disconnect and reconnect to enable all of the new forwarding definitions.  When you click the 'Add' button, you'll be able to add a forwarding definition (below).

ssh forwarding definition

On this dialog, use the radio buttons on the left to forward either a local port to the remote network or a remote port to the local network. 

 LOCAL FORWARDING:

When enabled, network connections to your client machine on the local port will be forwarded to the remote machine on the given port.  The remote machine could be either your SSH host or any machine reachable from the SSH host.  You can enter either an IP address or hostname, but the address must be resolvable on and reachable from the SSH host.  For 'adapter', you can choose between:

  1. 'ALL ADAPTERS' - allows all connections to the local port (including those originating from another node on your local network) to be forwarded to the remote machine on the remote port.
  2. 'LOCAL CONNECTIONS ONLY' - Forwards only connections originating from applications running on YOUR PC to the remote machine on the remote port.
  3. Specific adapter - allows only connections made to a specific network adapter (if you have more than one) to be forwarded.

REMOTE FORWARDING:

When enabled, network connections to the SSH server on the remote port will be forwarded to the local machine on the given port.  The remote machine could be either your PC  or any machine reachable from your PC.  You can enter either an IP address or hostname, but the address must be resolvable on and reachable from your PC. 

Last Updated on Wednesday, March 04, 2009 01:26 am