Re: port forwarding
From: Darren Dunham (ddunham_at_redwood.taos.com)
Date: Mon, 20 Jun 2005 17:28:09 GMT
Payal <firstname.lastname@example.org> wrote:
>> Payal> ssh -L 1100:scriptkitchen.com:110 example.net
> So a tunnel is created from "scriptkitchen.com:1100" to example.net:110
> But where is "localhost" mentioned? How does the traffic go from my
> machine to scriptkitchen? Is that encrypted? And from which port? I
> don't follow this at all.
A "tunnel" is always from your local machine to the ssh host
(example.net). All traffic is on port 22, encrypted.
Then, imagine you are on example.net and you connect to
scriptkitchen.com:110. That traffic is necessarily unencrypted.
Instead of being delivered to an application on example.com, the traffic
is sent into the tunnel back to your local workstation and then bound to
your port of choice (1100).
The host portion of the address (scriptkitchen.com) is always from the
point of view of the ssh server (example.net here). So if you use
port:localhost:hostport, then 'localhost' means the example.net server.
-- Darren Dunham email@example.com Senior Technical Consultant TAOS http://www.taos.com/ Got some Dr Pepper? San Francisco, CA bay area < This line left intentionally blank to confuse you. >