An ssh client connects to a Secure Shell server, which allows you to run terminal commands as if you were sitting in front of another computer. But it is client also allows you to “tunnel” a port between your local system and a remote server.
There are three different types of secure shell tunneling, and they’re all used for different purposes. Each involves using a server to redirect traffic from one network port to another. The traffic is sent over the encrypted connection, so it can’t be monitored or modified in transit.
You can do this with the command ssh included in Linux, macOS, and other UNIX-like operating systems. On Windows, which doesn’t include a built-in ssh command, we recommend the free tool PuTTY to connect to servers. It supports tunneling, too.
Local Port Forwarding with ssh
“Local port forwarding” allows you to access local network resources that aren’t exposed to the Internet. For example, let’s say you want to access a database server at your office from your home. For security reasons, that database server is only configured to accept connections from the local office network. But if you have access to a secure shell server at the remote place, and that secure shell server allows connections from outside the office network, then you can connect to that secure shell server from home and access the database server as if you were in the remote place.
To do this, you establish a secure shell connection with the server and tell the client to forward traffic from a specific port from your local PC. To use local forwarding, connect to the shell server normally with below syntax:
ssh -L local_port:remote_address:remote_port firstname.lastname@example.org
After running the above command, you would be able to access the database server at port 8888 at localhost.