What is SSH Port Forwarding?
SSH is a secure shell and it offers a private connection between hosts. SSH port forwarding is one method that is used to tunnel traffic through an SSH connection. This can be done either locally or remotely if you are not close by to the target machine. Port 22 is used by default for establishing SSH connections. A tunnel is a way to send the traffic through a secure connection, either locally or remotely. Let's take a look at SSH port forwarding and how it works.
Why Use SSH Port Forwarding?
Now that we know what SSH port forwarding is, you might be wondering why it is useful and what it can be used for. The answer to these questions will depend on your situation, but here are some scenarios where you might use SSH port forwarding:
You want to access a service that running in the cloud from your local machine without exposing any ports publicly
Your laptop has an internet connection but no way to connect to the server you want to access without opening ports on your local machine
You are setting up a secure tunnel for accessing services such as RDP and VNC
You need to route network traffic from one remote location through another in order to bypass geo-restricted services and content content
You want to bypass a firewall filter that is preventing your connection to a restricted port
All of these use cases make a lot of sense for remote workers and those with internet connectivity challenges that wish to remain private and secure. Although SSH has traditionally been associated with Linux systems, there are plenty of programs that allow you to establish SSH connections from the operating system of your choice.
You aren't even limited to traditional computers when you want to use SSH either. There are mobile apps for both iOS and Android so you can connect remotely and securely even from your tablet or smartphone. This is great if you manage essential services like a web server or any other internet facing service that requires immediate attention when things go wrong.
Setting Up SSH Port Forwarding in Linux
If you need to reach a remote service, or if a remote computer needs to reach a service on your computer, then you generally use SSH port forwarding, also known as SSH tunneling.
The server that hosts the SSH connection should be public facing with access to the internet if you require remote access. You will need to configure port forwarding on your router, and you will also need to specify the ssh port that will be allowed through the router, and then the IP address of the computer that is going to be receiving Port 22 based connections from outside the network. The SSH components that are needed to connect to a remote server are usually preinstalled on a Linux system, but if not then you can find all the necessary packages in the package manager of your choosing.
How Does Port Forwarding Work?
Network traffic is sent out with a specific port in mind. If a target computer has an open port, then it can receive data on that port. It is not safe to expose your computer to the internet with certain ports exposed, so your router normally acts as the primary defense against various probes and attacks from the internet.
Port forwarding is used in order to allow legitimate traffic through to your network. Port forwarding works by allowing data to be sent via your router to a designated computer on a local network. This is done by specifying rules on a router, such as the IP address and port and it directs data packets to the correct computer which is awaiting an ssh connection.
What Can’t be Forwarded Through SSH Port Forwarding?
We know that most protocols can be forwarded over SSH port forwarding, but there are a few exceptions.
In addition to protocols that use encryption such as FTP (which can’t be forwarded at all) or SSL which would need to be terminated before the connection reaches your server, we also have those that simply cannot work through an encrypted TCP stream.
Examples are UDP-based services like DNS, NTP, BOOTP, TFTP, RTSP, and RIP.
These can of course be reached with an unencrypted protocol, but they do not work over SSH port forwarding.
We've established that most protocols can make use of an SSH tunnel to forward data, and we also found out what services cannot be forwarded in this way. Now I want to explain all the other aspects that are needed in order for this method to work.
How to Set Up Port Forwarding
The first thing that you need to do is to install an SSH client on your computer. If you're using a Mac, you can try installing OpenSSH, and if you use a Windows machine, PuTTY is a good option. After installation has been completed, open the ssh client of your choice.
The next thing that we need to do is open up a connection on our computer's sshl application or a command prompt/shell. To start off I would recommend using one of your own servers, but you can also use any other server as long as its SSH service is running and you have permission to login.
The first thing that you will be prompted for is your username and then it will ask your password. Once logged in successfully, PuTTY should show a black screen with one line of text on the screen.
Security Risks Related to Using SSH
We know that SSH is secure because it uses public-key cryptography and there are other safeguards in place to protect data. That doesn't mean that it is 100% secure, because nothing is. The security risk with using SSH is that it can be used as an open door (or port) for someone who wants access to your system or network. However, the chances of this happening are quite low. The best safeguards that you can use are things like changing default passwords, not reusing passwords from other computers, websites or any other applications that you use with a sign on password, and monitor your system logs for any unusual activity.
Real-World Examples of SSH Port Forwarding
With a bit of setting up it is possible to open any host in your system as a proxy server. This can be used for anything from browsing on an internal IP address that might be blocked by firewalls or proxies, opening file shares and more. It’s also possible to send data to a program that you are running on your local machine from another host.
The following example is one of the simplest, and it can be used to open a terminal session with an internal IP address:
ssh me@myinternal-ip -L 5900:localhost:5900
This will forward port 5900 on the external server (the SSH partner of the one on which the command is executed) to port 5900 of your local computer, and it will allow you to remotely access a terminal session with an IP address that might be blocked by firewalls or proxies.
Remote desktop connections are possible with SSH port forwarding, making it a convenient and secure way to access remote systems. It’s also possible to send data to a program that you are running on your local machine from another host. You can use SSH port forwarding to encrypt the connection from one host to another, which can be useful if you are using public WiFi.
Using SSH port forwarding is not without risks . If you’re using public WiFi or another unsecured network connection, someone could, in theory, intercept your connection and steal data from it with a Man-In-The-Middle attack. This requires that the attacker identifies your connection when it is being made, so it requires many factors to line up in order for it to be possible, but it is a possibility.
We have looked at some of the basic SSH port forwarding concepts, including what it is and how it works. We have also discussed some of the risks you’ll be taking if you proceed with SSH port forwarding over an unsecured network connection.
This is a relatively secure method of accessing a computer over the internet, so long as you have all the necessary security precautions in place. If not, then it is possible for your data to be intercepted by an attacker under certain conditions.