0
0
Linux CLIscripting~10 mins

SSH tunneling (port forwarding) in Linux CLI - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Concept Flow - SSH tunneling (port forwarding)
Start SSH command
Specify local port
Specify remote host and port
Establish SSH connection
Create encrypted tunnel
Forward local port traffic through tunnel
Access remote service via local port
End
The flow shows how SSH sets up a secure tunnel by forwarding a local port to a remote service through an encrypted connection.
Execution Sample
Linux CLI
ssh -L 8080:remotehost:80 user@sshserver
This command forwards local port 8080 to port 80 on remotehost via sshserver.
Execution Table
StepActionDetailsResult
1Start SSH commandssh -L 8080:remotehost:80 user@sshserverSSH client prepares connection
2Specify local portLocal port 8080 chosenLocal port 8080 reserved for forwarding
3Specify remote host and portremotehost:80Target remote service identified
4Establish SSH connectionConnect to sshserver as userEncrypted SSH session established
5Create encrypted tunnelTunnel from local 8080 to remotehost:80Tunnel ready to forward traffic
6Forward local port trafficTraffic to localhost:8080Forwarded through tunnel to remotehost:80
7Access remote serviceUser accesses http://localhost:8080Remote web service accessed securely
8ExitUser closes SSH sessionTunnel closed, forwarding stops
💡 SSH session ends, tunnel closes, local port forwarding stops
Variable Tracker
VariableStartAfter Step 2After Step 4After Step 6Final
local_portnone8080 reserved8080 reserved8080 forwarding activenone (after exit)
remote_hostnoneremotehost:80 setremotehost:80 setremotehost:80 setnone (after exit)
ssh_connectionnonenoneestablishedestablishedclosed
Key Moments - 3 Insights
Why do we specify a local port in SSH tunneling?
The local port is where your computer listens for traffic to forward through the tunnel. See execution_table step 2 where local port 8080 is reserved.
What happens if the SSH connection drops?
The tunnel closes and port forwarding stops, as shown in execution_table step 8 where the SSH session ends.
Can you access the remote service directly without SSH tunneling?
Only if the remote service is publicly accessible. SSH tunneling allows secure access even if the service is behind a firewall, shown in step 6 forwarding traffic.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, at which step is the encrypted SSH session established?
AStep 2
BStep 4
CStep 6
DStep 8
💡 Hint
Check the 'Result' column for when the SSH session is established.
According to variable_tracker, what is the state of local_port after step 6?
Anone
B8080 reserved
C8080 forwarding active
Dclosed
💡 Hint
Look at the 'local_port' row under 'After Step 6' column.
If the SSH session closes, what happens to the port forwarding?
AIt stops
BIt switches to another port
CIt continues running
DIt becomes unencrypted
💡 Hint
Refer to execution_table step 8 and exit_note about tunnel closing.
Concept Snapshot
SSH tunneling forwards a local port to a remote service securely.
Use: ssh -L local_port:remote_host:remote_port user@ssh_server
Local port listens on your machine.
Traffic is encrypted and sent through SSH.
Tunnel closes when SSH session ends.
Full Transcript
SSH tunneling, also called port forwarding, lets you securely access a remote service by forwarding a local port through an encrypted SSH connection. You start by running an SSH command with the -L option, specifying a local port, the remote host and port, and the SSH server to connect to. The SSH client reserves the local port and establishes a secure connection to the SSH server. Then it creates a tunnel that forwards any traffic sent to the local port through the SSH connection to the remote service. When you access the local port, you are actually reaching the remote service securely. When the SSH session ends, the tunnel closes and forwarding stops.