Re: What is the difference between local port forwarding (-L) and remote port forwarding (-R)

From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: 04/28/04

• Next message: Darren Tucker: "Re: Accessing dynamically multiple VNC servers using SSH"
• Previous message: Ron Olsberg: "SSH without a "Username or Password"?"
• In reply to: Yann Laviolette: "What is the difference between local port forwarding (-L) and remote port forwarding (-R)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 28 Apr 2004 02:41:49 +0000 (UTC)

In article <d73d6e32.0404262310.5dd662ed@posting.google.com>,
Yann Laviolette <yann_laviolette@gnome.org> wrote:
>What is the difference between the bit -L and the bit -R. I've read
>the man of SSH on Fedora. It's seems to be simple but in practice, I
>don't understand.

Example: "ssh -L 2000:1.2.3.4:2000 server" is a "local" forward and will
listen on the client (ie the machine you ssh'ed from) on port 2000.
If something connects to the client on port 2000, a "channel" will be
opened inside the SSH connection and the server will connect to 1.2.3.4 on
port 2000. Any data sent or received will be forwarded over this channel.

In contrast, "ssh -R 2000:1.2.3.4:2000 server" is a "remote" forward,
which will cause the *server* to listen on port 2000, and any connection
arriving at that port will be forwarded over the SSH connection and the
client will connect to 1.2.3.4 on port 2000.

Same concept, different directions.

>Can somebody help me on this subject?

Also try http://www.openssh.com/faq.html#2.11

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

---

• Next message: Darren Tucker: "Re: Accessing dynamically multiple VNC servers using SSH"
• Previous message: Ron Olsberg: "SSH without a "Username or Password"?"
• In reply to: Yann Laviolette: "What is the difference between local port forwarding (-L) and remote port forwarding (-R)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: RDC port change ... As for the SSH, I use SSh myself and for my clients where I can. ... There is a mac client, ... remote control...... ... By the way lol, the problem with the RDC port is fixed, it seems.... ... (microsoft.public.windowsxp.work_remotely) Re: SSH trickery using -R ... > ssh connection to a remote machine, using the -R switch, which opens a ... > port on the remote machine, which is then redirected to the local ... on a port of my choosing. ... I also usually put the ssh comman inside a shell script with ... (Fedora) Re: Secure / Encrypt Terminal Services ... SSH port forwarding should work. ... Then connect with your SSH client. ... (Focus-Microsoft) Re: ssh gives "Permission denied, please try again" ... port 22 on your internal machine, so you will need to keep ssh up to ... I configure the router to forward a different external port to 22 on my ... For good measure pick usernames that are none obvious, ... root/password: 163 times ... (uk.comp.os.linux) [NEWS] SSH service at Dell DRAC4 Denial of Service (Mocana) ... SSH service at Dell DRAC4 Denial of Service ... Dell Remote Access Card 4 allows customers to effectively manage ... After the use of such a port scanner, ... (Securiteam)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.ssh  > 2004-04