Today I present another excellent article by Domenico Raffaele originally presented in his blog (in Italian) where you can find many other interesting articles about hacks and VoIP. This is his second article about ssh.
Here you’ll see some example of SSH Port Forwarding, sometimes called SSH Tunneling, which allows you to establish a secure SSH session and then tunnel arbitrary TCP connections through it. Tunnels can be created at any time, with almost no effort and no programming, which makes them very appealing.
Local Port Forwarding
Running on host1:
# ssh -g -L 8080:www.voipandhack.it:80 host2
ssh will start a connection with host2, listening on port 8080 and redirect all attempts to connect to that port to the server host2 sshd, which in turn redirect to port 80 of www.voipandhack.it.
Firefox ---> host1:8080 ssh ====== host2:22 sshd ---> wwww.voipandhack.it:80
So on the browser, the website http://host1:8080 will look like the homepage of di www.voipandhack.it
not considering the flag -g, ssh will listen only on local connection on 127.0.0.1
Remote Port Forwarding
Runnin on host1:
# ssh -R 8080:mywebserver:80 host2
The sshd server on host2, when accepting a connection, will listen on port 8080, and will forward each packet destined to that port to the client ssh of host1, which in turn will forward it to port 80 of mywebserver
mywebserver:80 <--- host1 ssh ====== host2:22 sshd:8080 <--- Firefox
In this way, people who are pointing their browsers to http://host2:8080 can visit the internal webserver