![]() ![]() For local forwards, the ssh client manages the source port. There are two types of secure port forwarding using ssh: local forwards and remote forwards. But be aware that communication before it hits the tunnel and after it leaves the tunnel are not encrypted. Your private communications with friends, family, and potential employers are secure as they travel over the tunnel on the internet. In the imap example, an added benefit of using ssh is that the email data is encrypted. The second reason for using ssh tunneling is that it encrypts the network communication. I’ll give an example of this in the next few paragraphs. Or, you could create an ssh tunnel from your laptop to your home network when you want imap access. You could setup a VPN on your router, but that’s probably overkill. You could just open access on your home imap server to the world, but that’s a scary proposition. Also suppose that you have a laptop and want to be able to connect to your home imap server regardless of where you are. As an example, suppose you have an imap server setup on your home LAN. The first reason I’ll give for using ssh tunneling is to connect two networks that do not have open access to one another. You may be able to derive from this description one or both reasons I’m about to give for using ssh tunneling. For now, you can just think of ssh tunneling as secure port forwarding. If this seems a bit unclear, don’t worry I’ll get into more detail shortly with an example. The destination is another bound network port but this time, it’s some other network server that the other end of the ssh tunnel can communicate with. This port must either be managed by the ssh client or the ssh server. The source is simply a bound network port that other processes can connect to. Tunneling involves an ssh client connecting to an ssh server, just as in “regular cases.” But when the ssh client connects to the server, the client specifies the source and the destination for the tunnel. Tunneling with ssh is the process of wrapping some network communication with the encrypted ssh protocol. Before I give those reasons, I’ll describe what tunneling is. ![]() There are two primary reasons to use ssh for tunneling. In this article, I’ll discuss something that I think is even more interesting than remote shell access or remote execution: tunneling. I pointed out that remote command execution was more interesting than mundane remote shell access. In that article, I mentioned that simple remote shell access was not the most interesting thing you can do with ssh. In a previous article, I went over some of the basic functions of ssh. ![]()
0 Comments
Leave a Reply. |