SSH Tunnel for Local Applications

By Jimmy Bonney | August 9, 2012

Tunnel

Consider this simple scenario:

  • You have a computer / server / NAS / … at the office behind a firewall
  • The firewall is configured so that you are allowed to access the machine using SSH
  • The machine has services available on different other ports (but they are not accessible from the outside since only the SSH port is open)

Now, how can one access those different services that are accessible on ports blocked by the firewall?

A quite easy way (once you know the command), is to use SSH tunneling. To put it simply, it will allow to map the ports from the remote server that are not accessible to a local port of your computer.

Without further due, here is the command allowing us to do that:

1
ssh USER@SERVER -p PORT -L LOCALPORT:SERVER:REMOTEPORT -N
  • USER is the user name used to connect through SSH
  • SERVER is the server address (yourwebsite.com) or its IP address (1.2.3.4)
  • PORT is the port used to connect to SSH. If default port (22) is used, the -p 22 option can be removed
  • LOCALPORT is the port on your computer to which you want to map the remote service
  • REMOTEPORT is the port on the server that is not accessible remotely

Some examples of the command might be:

1
2
3
(1) ssh jimmy@example.com -L 2000:localhost:80 -N
(2) ssh jimmy@example.com -p 2222 -L 5000:example.com:25 -N
...

In example (1), the port 80 (http) of the remote server will be accessible on the local computer. One can then open Firefox / Chrome / … and enter localhost:2000 to see what is running on the remote server.

In the second example (2), the port 25 (smtp) of the remote server will be accessible on the local computer. One can therefore configure Thunderbird (for instance), to use localhost:5000 as its SMTP server.



For the time being, comments are managed by Disqus, a third-party library. I will eventually replace it with another solution, but the timeline is unclear. Considering the amount of data being loaded, if you would like to view comments or post a comment, click on the button below. For more information about why you see this button, take a look at the following article.