SSH Port Forwarding

Posted on December 13, 2010



This is a mini write-up which explains about SSH Port forwarding. I find this hassle free port forwarding facility provided by SSH preety useful. This document here contains the details about the usage of it.

I sincerely hope, that this tutorial explains the SSH port forwarding upto your expectation. Feel free to contact me, to tell me you valuable comments about this article. You can find my email ID in contact-me section of this website.


SSH port forwarding (also refered as SSH tunneling), is a way to forward insecure TCP traffic through SSH. POP3, SMTP, HTTP connections can be forwarded with SSH. There are two kinds of port forwarding: local and remote forwarding. They are also called outgoing and incoming tunnels, respectively. Local port forwarding forwards traffic coming to a local port to a specified remote port. For example, all traffic coming to port 1234 on the client could be forwarded to port 23 on the server (host).

Hands on Port Forwarding

All the opinions presented here are my personal opinions and any trouble you might end up to by trying this out would not be my responsibility. So, please be responsible when trying out my ways.

Note that, I desire to forward (Port 3128 is proxy-server port) as port 9898 on . So that, I can as

To do such a thing, please note that I need SSH access only on and SSH access on is not required. Execute the following command on $ ssh -N -g -f -L kuse@

Let me explain the above command to you.

-N : Do not get shell after login. ie. do noting after login.
-g : Gateway
-f : Go to background after login
-L : Local Port forwarding

The commands means that, I need to forward port 3128 on as port 9898 on (In this case, -N -f has been used so that the process goes in back-ground and do not get terminated on closing the session (original terminal connection to -g has been used so that 9898 is bind on all the attached IPs or LAN Cards (Note that, you can have multiple LAN cards attached to your computer for having multiple Ips).

Advanced use of Port Forwarding in General

  • To give a secure access for services which are not SSL enabled (eg. HTTP, SMTP).
  • SSH port forwarding can act as a poor man’s VPN (Virtual Private Network).
  • Port forwarding in general can be used for load distribution in case of clusters ( For your information, in another of our project we have used this very concept of port forwarding to build a load-balancer for clustering proxy-server. You can get details of implementation here.