What is SSH Port Forwarding?

Quick definition: SSH (Secure Socket Shell) port forwarding is a secure networking technique that allows data to be exchanged between two devices over an encrypted SSH connection. It enhances security and facilitates remote access by creating a protected channel for data transmission. 

As more employees work remotely, security for remote workers has become a concern. That's where SSH port forwarding comes into play. Imagine you have a secret passageway (the SSH connection) connecting your house (your local computer) to a hidden room in a bank vault (a remote server). 

You can securely send and receive items (data) through this secret passageway. You can even ask someone in the vault to fetch specific items for you. Nobody outside the passageway can see what's inside, ensuring your information remains safe and confidential.

That, in a nutshell, is how SSH port forwarding works. SSH is a secure shell that offers a private connection between hosts. SSH port forwarding is one method used to tunnel traffic through an SSH connection. This can be done either locally or remotely if you are not near the target machine. Port 22 is used by default for establishing SSH connections. Let's take a look at SSH port forwarding and how it works.

Why Use SSH Port Forwarding?

Now that we know what SSH port forwarding is, you might be wondering why it is useful and what it can be used for. The answer to these questions will depend on your situation, but here are some scenarios where you might use SSH port forwarding:

• You want to access a service that is running in the cloud from your local machine without publicly exposing any ports. 

• Your laptop has an internet connection but no way to connect to the server you want to access without opening ports on your local machine. 

• You are setting up a secure tunnel for accessing services such as RDP and VNC. 

• You must route network traffic from one remote location to another to bypass geo-restricted services and content. 

• You want to bypass a firewall filter preventing your connection to a restricted port. 

All of these use cases make a lot of sense for remote workers and those with internet connectivity challenges who wish to remain private and secure. Although SSH has traditionally been associated with Linux systems, plenty of programs allow you to establish SSH connections from the operating system of your choice.

You aren't limited to traditional computers when you want to use SSH, either. There are mobile apps for both iOS and Android so that you can connect remotely and securely, even from your tablet or smartphone. This is great if you manage essential services like a web server or other internet-facing services that require immediate attention when things go wrong.

How to Set Up SSH Port Forwarding in Linux

If you need to reach a remote service or a remote computer needs to reach a service on your computer, then you will generally use SSH port forwarding, also known as SSH tunneling.

SSH port forwarding can be set up in Linux using the 'ssh' command with the -L (local port forwarding) or -R (remote port forwarding) options.  

The server that hosts the SSH connection should be public facing with access to the internet if you require remote access. You will need to configure port forwarding on your router, and you will also need to specify the SSH port that will be allowed through the router and then the IP address of the computer that is going to be receiving Port 22-based connections from outside the network. 

The SSH components that are needed to connect to a remote server are usually preinstalled on a Linux system. If not, then you can find all the necessary packages in the package manager of your choice.

How Does Port Forwarding Work?

Network traffic is sent out with a specific port in mind. If a target computer has an open port, it can receive data on that port. It is unsafe to expose your computer to the internet with certain ports exposed, so your router usually acts as the primary defense against various probes and attacks from the internet.

Port forwarding is used to allow legitimate traffic through to your network. Port forwarding works by allowing data to be sent via your router to a designated computer on a local network. This is done by specifying rules on a router, such as the IP address and port, and it directs data packets to the correct computer awaiting an SSH connection.

What Can’t Be Forwarded Through SSH Port Forwarding?

Most protocols can be forwarded over SSH port forwarding, but there are a few exceptions.

In addition to protocols that use encryption, such as FTP (which can’t be forwarded at all) or SSL, which would need to be terminated before the connection reaches your server, we also have those that simply cannot work through an encrypted TCP stream.

Examples are UDP-based services like DNS, NTP, BOOTP, TFTP, RTSP, and RIP.

These can, of course, be reached with an unencrypted protocol, but they do not work over SSH port forwarding.

We've established that most protocols can make use of an SSH tunnel to forward data, and we also found out what services cannot be forwarded in this way. Now, we'll explain all the other aspects needed for this method to work.

How to Set Up Port Forwarding

The first thing that you need to do is to install an SSH client on your computer. If you're using a Mac, you can try installing OpenSSH, and if you use a Windows machine, PuTTY is a good option. After installation has been completed, open the ssh client of your choice.

Next, we must open a connection on our computer's SSH application or a command prompt/shell. We recommend using one of your own servers, but you can also use any other server if its SSH service is running and you have permission to log in.

You will be prompted for your username and password. Once logged in successfully, PuTTY should show a black screen with one line of text on the screen.

Security Risks Related to Using SSH

SSH is secure because it uses public-key cryptography and other safeguards to protect data. That doesn't mean it is 100% secure because nothing is. The security risk with using SSH is that it can be used as an open door (or port) for someone who wants access to your system or network. 

However, the chances of this happening are pretty low. The best safeguards you can use are changing default passwords, not reusing passwords from other computers, websites, or other applications, and monitoring your system logs for any unusual activity.

Real-World Examples of SSH Port Forwarding

With a bit of setting up, it is possible to open any host in your system as a proxy server. This can be used for everything from browsing on an internal IP address that might be blocked by firewalls or proxies to opening file shares and more. It’s also possible to send data to a program you are running on your local machine from another host.

The following example is one of the simplest, and it can be used to open a terminal session with an internal IP address:

ssh me@myinternal-ip -L 5900:localhost:5900

This will forward port 5900 on the external server (the SSH partner of the one on which the command is executed) to port 5900 of your local computer, and it will allow you to remotely access a terminal session with an IP address that might be blocked by firewalls or proxies.

Remote desktop connections are possible with SSH port forwarding, making it a convenient and secure way to access remote systems. It’s also possible to send data to a program you are running on your local machine from another host. You can also use SSH port forwarding to encrypt the connection from one host to another, which can be useful if you are using public WiFi.

Using SSH port forwarding is not without risks. If you’re using public WiFi or another unsecured network connection, someone could, in theory, intercept your connection and steal data from it with a Man-In-The-Middle attack. This requires that the attacker identifies your connection when it is being made, so it requires many factors to line up for it to be possible, but it is a possibility.

Wrapping Up

We have looked at some basic SSH port forwarding concepts, including what it is and how it works. We have also discussed some risks you’ll be taking if you proceed with SSH port forwarding over an unsecured network connection.

This is a relatively secure method of accessing a computer over the internet, so long as you have all the necessary security precautions in place. If not, then your data can be intercepted by an attacker under certain conditions.