SSH.COM is one of the most trusted brands in cyber security. We help enterprises and agencies solve the security challenges of digital transformation with innovative access management solutions.
A remote (incoming) tunnel forwards traffic coming to a remote port to a specified local port.
With sshg3 on the command line, the syntax of the remote tunneling command is the following:
$ sshg3 -R [protocol/][listen-address:]listen-port:dst-host:dst-port server
Setting up remote tunneling allocates a listener port on the remote server. Whenever a connection is made to this listener, the connection is tunneled over Secure Shell to the local client and another connection is made from the client to a specified destination host and port. The connection from the client onwards will not be secure, it is a normal TCP connection.
Figure 9.4 shows the different hosts and ports involved in remote tunneling.
For example, if you issue the following command, all traffic coming to port 1234 on the server will be forwarded to port 23 on the client. See Figure 9.5.
$ sshg3 -R 1234:localhost:23 username@sshserver
The forwarding address in the command is resolved at the (local) end
point of the tunnel. In this case
localhost refers to the
By default, the server allows remote tunnels from all addresses for all users. To restrict tunneling for all or for specified users, see Restrictions to Tunneling.