SSH port forwarding explained in a clean and visual way. How to use local and remote port forwarding. What sshd settings may need to be adjusted. How to memorize the right flags.

SSH is yet another example of an ancient technology that is still in wide use today. It may very well be that learning a couple of SSH tricks is more profitable in the long run than mastering a dozen Cloud Native tools destined to become deprecated next quarter.

One of my favorite parts of this technology is SSH Tunnels. With nothing but standard tools and often using just a single command, you can achieve the following:

  • Access internal VPC endpoints through a public-facing EC2 instance.
  • Open a port from the localhost of a development VM in the host’s browser.
  • Expose any local server from a home/private network to the outside world.

And more 😍

  • SpaceCadet2000
    211 months ago

    ssh tunneling can be very useful for testing or one-shot things where you quickly need access to a service that’s not directly reachable, but I wouldn’t use it as a permanent solution for anything. You quickly run into problems like:

    • TLS certificates don’t work, so you get into the habit of clicking through security warnings or turning of TLS validation altogether.
    • Virtual hosts don’t work
    • Port conflicts when you want to access the same type of service on different remote machines, so you have to remap them and remember things like: localhost:8080 is foo:80 and localhost:8081 is bar:80
    • If it’s not your infrastructure (i.e. you are an employee in a larger company), you are probably bypassing all kinds of security rules by exposing a service and your security guys will not be too happy about it if they find out.