Here is description of imaginary situation we want to solve.
- You have access via SSH to server server with hostname
foobar-serveris running some service – HTTP Server, a database or something different. For instance, let’s pretend you are running Mongo database, but it doesn’t actually matter.
- Some firewall is set up around
foobar-server, preventing you from accessing these services. Or maybe simply ports of these services are closed.
- You want to access this service from another machine – What can we do?
Create SSH Tunel
We can establish SSH tunel between our machine and
foobar-server. Let’s get right on it, it’s just one command.
ssh -L 27077:localhost:27017 your_user@foobar-server
You might use this in following situation:
your_useris username you use to access the
foobar-serveris hostname of the server running your service. Ofcrouse you can just as fine use directly its IP address.
- You want to access service running on port 27017 on the
foobar-server. The way you could do that after running this command is by communication with 127.0.0.1:27077. Hence the structure of
As a result, illusion that you are only accessing a service running locally on your machine. But what is actually really going is that
- your data is encrypted,
- sent through SSH Tunel to
foobar-serverdecrypts the data
foobar-serverredirect decrypted data to
And ofcourse, the same happens the other way around to deliver you the response from the service.