June 24, 2017

How to Tunnel a Remote Port to a Local Port with SSH

Administration Logo

Sooner or later you have to restrict access to a specific application from outside the server by blocking a port with a firewall. This is a common scenario when using a development web server. You want to access the service but you do not want to leave it open to the entire world. At this point SSH can help you to create a tunnel.

Use SSH to tunnel a port

The following command will map the port 8080 on the remote server stans-server.com to the local port 8081. Now you can locally access the remote application on stans-server.com. The tunnel keeps open as long as your terminal session is active.

ssh stan@stans-server.com -L 8081:localhost:8080

Set up a Windows SSH tunnel

On Windows you can use Plink to open a SSH tunnel. This tool can be downloaded here. Next you need to create a batch file, i.e. tunnel.bat and copy and paste the follwing line. Please replace the password, the server destination (stan@stans-server.com) and the tunnel path (8081:localhost:8080) with your own settings. Finally, you can start the batch file to open the tunnel.

plink.exe -v -pw password stan@stans-server.com -L 8081:localhost:8080

Speak Your Mind