On Linux and Solaris systems it is common to use SSH to forward ports between two hosts. This short tutorial will introduce the -L, -R, and -D flags to ssh.
SSH -L stands for local forwarding. Its syntax is ssh -L port:host:hostport remotehost. This allows you to connect a local port to a remote port over an encrypted ssh tunnel.
To see it in action:
ssh -L 5901:localhost:5901 joeuser@nemo.ece.pdx.edu
This command forwards vnc over ssh so that the user can use vnc securely. The user can then connect to it using e.g. vncviewer localhost:1.
SSH -R stands for remote forwarding. Its syntax is ssh -R port:host:hostport remotehost. This allows you to connect a remote port to a local port over an encrypted ssh tunnel.
To see it in action:
ssh -R 5800:localhost:22 joeuser@nemo.ece.pdx.edu
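This command forwards port 22 from the host machine into port 5800 on nemo.ece.pdx.edu. This means you can ssh nemo.ece.pdx.edu -p 5800 and it will be the same as sshing into the original box. By default sshd binds a remote forward to the loopback address only, so reaching port 5800 from a machine other than nemo requires GatewayPorts to be enabled in nemo's sshd_config.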
SSH -D is for dynamic application-level port forwarding. Its syntax is ssh -D port remotehost. It allows you to put up a SOCKS proxy over an encrypted ssh tunnel.
To see it in action:
ssh -D 2100 joeuser@nemo.ece.pdx.edu
This command forwards all traffic requested of localhost:2100 through nemo.ece.pdx.edu. You can configure Chromium or Firefox to use localhost:2100 as a SOCKS5 proxy and be sure that all your HTTP traffic is being tunneled over ssh.
When to use which one:
SSH -L is good for exposing a remote port locally. SSH -R is good for accessing a box hidden behind a NAT. SSH -D is good for tunneling your web traffic in an environment you don't completely trust.
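The easiest thing to get wrong with these flags is which machine opens the listening port and which machine resolves "host". The script below is an added example, not part of the original tutorial: describe_forward is a hypothetical helper that reads a forwarding spec and states both sides. It also accepts the optional leading bind_address from ssh(1), which the tutorial does not use, and assumes the default GatewayPorts setting on both ends.

```shell
#!/bin/sh
# Added example, not from the original tutorial: turn an ssh forwarding spec
# into "which side listens, which side connects".
# Grammar (ssh(1)): -L/-R [bind_address:]port:host:hostport, -D [bind_address:]port
# Assumptions: default GatewayPorts=no on both ends; no bracketed IPv6
# literals or Unix-socket forwards. describe_forward is a made-up helper name.

describe_forward() {
    flag=$1; spec=$2
    # Split on ':' with globbing off so a '*' bind address stays literal.
    old_ifs=$IFS; IFS=:; set -f
    set -- $spec
    set +f; IFS=$old_ifs
    case "$flag:$#" in
        -L:3|-R:3) bind=loopback;  port=$1; target="$2:$3" ;;
        -L:4|-R:4) bind=${1:-"*"}; port=$2; target="$3:$4" ;;  # empty bind = all interfaces
        -D:1)      bind=loopback;  port=$1 ;;
        -D:2)      bind=${1:-"*"}; port=$2 ;;
        *) echo "unsupported: $flag $spec" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "bad listen port in: $spec" >&2; return 1 ;;
    esac
    # A non-loopback bind asks for a listener other hosts can reach. For -R the
    # server honours it only when its own GatewayPorts setting allows.
    case $bind in
        loopback|localhost|127.*) exposed=no ;;
        *) exposed=yes ;;
    esac
    case $flag in
        -L) echo "client listens on ${bind}:${port}; server connects to ${target}; exposed=${exposed}" ;;
        -R) echo "server listens on ${bind}:${port}; client connects to ${target}; exposed=${exposed}" ;;
        -D) echo "client listens on ${bind}:${port} (SOCKS); server connects per request; exposed=${exposed}" ;;
    esac
}

# The three forwards from the tutorial, then one constructed wildcard bind.
describe_forward -L 5901:localhost:5901
describe_forward -R 5800:localhost:22
describe_forward -D 2100
describe_forward -L '*:8080:localhost:80'
```

In the -L line "localhost" is resolved on nemo, while in the -R line it is resolved on the machine that ran ssh, which is why the same word points at two different hosts.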