SSH Tunnel – Local and Remote Port Forwarding Explained With Examples

local port to remote port

ssh -L 9000:google.com:80 user@example.com

this means forwarding our local port 9000 to imgur.com:80

remote port to local port

ssh -R 9000:localhost:3000 user@example.com

this means forwarding example.com server port 9000 to local 3000 port

By default, OpenSSH only allows connecting to remote forwarded ports from the server host. However, the GatewayPorts option in the server configuration file sshd_config can be used to control this. The following alternatives are possible:

sudo vim /etc/ssh/sshd_config
GatewayPorts yes
sudo service sshd restart

This allows anyone to connect to the forwarded ports. If the server is on the public Internet, anyone on the Internet can connect to the port.

ssh -R 52.194.1.73:8080:localhost:80 host147.aws.example.com