SSH Tunnelling (also known as SSH port forwarding) is an easy way to access remote services’ ports locally (or vice versa), provided we have SSH access to the remote machine.
For developers, this is especially useful when:
- Your laptop lacks the resources (CPU/Memory/Disk) to run the service.
- You need to run long-running commands without keeping your laptop active.
This is especially useful when using web applications which have a UI.
When
Even within the intranet, opening ports may require security team intervention — an unnecessary hassle for a temporary test VM.
How
SSH Tunnelling simplifies access:
ssh -L 5005:localhost:8080 my-user@my-remote-machineThis command maps the remote machine’s port 8080 to your local port 5005 (you can map any port).
Advanced Usage
- Tunnels can also pass through multiple jump hosts. See this SO
Interesting Insights
While exploring SSH Tunnelling, I discovered:
- SSH has a company behind it. See ssh.com (SSH Communications Security)
- SSH remote forwarding can expose a local service via a remote machine, similar to tools like ngrok (useful if you prefer not to rely on third-party services). This is useful for registering webhooks in services like GitHub. See
ssh -R ...details at ssh.com - SSH Tunnelling can pose security risks if misused, making awareness crucial (see).
SSH Tunnelling offers a simple yet powerful solution for secure remote access — whether for testing, development, or beyond.
