SSH tunnelling (also known as “Port Frowarding”) is very useful at work environment. For example, I want to configure and manage the switches that can be managed by the web-based management application in the datacenter, but I work at my office. Or I want to copy some files to the server in the datacenter from my office. Through using ssh tunnelling, I don’t need to go to datacenter to configure switches on the site, and don’t need to copy files to gateway and then copy from gateway to server.
Syntax:
ssh -L <localport>remoteip<remoteport> <username>@<bridgeip>
Case 1
From the above picture, there is a management server connectting to the management port of switches in datacenter. For the privacy, I suppose that the IP of the management server is 192.168.1.20, the IP of the switch1 is 10.1.1.2. At my fedora desktop, I open a terminal and type
$ ssh -L 8080:10.1.1.2:80 kezhong@192.168.1.20 cat -
and then open my browser, go to http://127.0.0.1:8080/
Case 2
From the above picture, I want to copy files from my pc to server1. Suppose that the IP of the gateway is 192.168.2.1, and the IP of the server1 is 10.2.2.5. Open a terminal and type
$ ssh -L 8082:10.2.2.5:22 kezhong@192.168.2.1 cat -
Open another terminal, type
$ scp -P8082 ubuntu-10.10-server-amd64.iso kezhong@localhost:/tmp/ubt.iso
Reference
http://www.rzg.mpg.de/networkservices/ssh-tunnelling-port-forwarding
