SSH Tunnels - 2 ways
Recently, I have been googling how to make tunnels so I thought I would post what I do. A SSH tunnel allows you to connect to server, A, through server B, from client C.
You generally only want to setup a tunnel when you need to connect to server A but only have access to server B from your client, your laptop in the diagram above. Usually server A is in a protected network and server B is a bastion host that clients can use to access it.
The first tunnel command I will show you will provide you with command line access to your target server, serverA.comssh -o ServerAliveInterval=15 -t serverB.com ssh serverA.com
I have included an option to keep the connection alive, -o ServerAliveInterval=15, if you are away from your keyboard for too long. The -t provides you with command line access.
This next tunnel command allows you to forward a port from the target server, again serverA.com, to another port on your client.ssh -N -L 9999:serverA.com:5432 -o TCPKeepAlive=no -o ServerAliveInterval=15 serverB.com
I am again specifying options to keep idle connections open, -o TCPKeepAlive=no -o ServerAliveInterval=15. The -L allows you to specific which local port you want to have the remote port forwarded to. The above example is really for forwarding the postgresql port on serverA.com (default 5432) to port 9999 on my client going through serverB.com, the bastion server. That allows me use pgAdmin to connect to the database on serverA.com using localhost:9999.
