Introduction to ssh port forwarding commands

SSH supports port forwarding.
Three powerful port forwarding commands of SSH:

Quote:
Ssh-C-F-n-g-l listen_port: dst_host: dst_port user @ tunnel_host
Ssh-C-F-n-g-r listen_port: dst_host: dst_port user @ tunnel_host
Ssh-C-F-n-g-D listen_port user @ tunnel_host

-F fork into background after authentication.
User/password for background authentication, usually used with-N without logon
To the remote host.

-P port connect to this port. server must be on the same port.
The sshd service port of the logged-on SSD server.

-L port: Host: hostport
Forward a port from the Local Machine (client) to the specified port on the remote machine. The working principle is as follows: a socket listening port is assigned to the local machine,
Once a connection is established on this port, the connection is forwarded through a secure channel, and a connection is established between the remote host and the host's hostport.
You can specify the port forwarding in the configuration file. Only the root user can forward the privileged port. The IPv6 address is in another format: Port/host/hostport.

-R port: Host: hostport
Forward a port of the remote host (server) to a specified port of the local host. The working principle is as follows: a socket listening port is assigned to the remote host,
Once a connection is established on the port, the connection goes through the Secure Channel and establishes a connection between the local host and the host's hostport.
You can specify port forwarding in the configuration file. You can only use root to log on to the remote host to forward the privileged port. The IPv6 address is described in another format:
Port/host/hostport

-D Port
Specify a Local Machine "dynamic''
The working principle of application port forwarding is as follows: a socket listening port is assigned on the local machine,
Once a connection is established on this port, the connection is forwarded through a secure channel. Based on the Protocol of the application, you can determine where the remote host will be connected. Currently, the socks4 protocol is supported,
It will act as the socks4 server. Only root can forward the privileged port. You can specify the dynamic port forwarding in the configuration file.

-C enable compression.
Compressed data transmission.

-N do not execute a shell or command.
Do not execute scripts or commands, usually used with-f.

-G allow remote hosts to connect to forwarded ports.
In the-L/-r/-D parameter, the remote host is allowed to connect to the forwarding port established. If this parameter is not added, only the local host is allowed to establish a connection.

 

Ssh-l local port: server address: server port username @ server address-n

Parameters:

-L port ing parameter local port-this is enough, as long as no other program occupies this port.

Server address-the server address (name/IP) You need to map)

Server port-remote server port

-N-if you do not use a shell window and use it only for forwarding, if you continue to enter commands on the server after the ing is completed, remove this parameter.

Example A: to remotely manage MySQL on the server, run the following command:

ssh -L 3306:127.0.0.1:3306 user@emlog-vps -N

After running this command, SSH will automatically map the server's 3306 to the local port 3306, and we can use any MYSQL client to connect
Localhost: 3306 can access MySQL on the server.

Example B: Map multiple ports at a time

ssh -L 8888:www.host.com:80 -L 110:mail.host.com:110 / 
25:mail.host.com:25 user@host -N

This command will automatically map ports 80,110 and 25 of the server to ports 8888,110 and 25 of the local machine. The command passes the test on Ubuntu 9.10...