Forwarding
Forwarding or tunneling is the use of SSH to secure another network application, covered fully in Chapter 9. Both PuTTY and Plink can set up secure tunnels for this purpose.
18.6.1 Forwarding with PuTTY
Forwarding is set up with the PuTTY Configuration dialog. For local port forwarding, which is the most common type, select Tunnels. Then fill in these fields:
- Source port
Any unused TCP/IP port on your local machine.
- Destination
The remote SSH server name, followed by a colon, followed by the remote port number.
- Local/Remote/Dynamic
Choose Local.
For example, to connect to a remote VNC server (port 5900) on
server.example.com, you’d provide a destination
of server.example.com:5900, and any
unused source port (say, 12345).
This example demonstrates local forwarding [9.2.1], but PuTTY can also do
remote [9.2.1.2] and
dynamic [9.3] port
forwarding.
To turn on X forwarding [9.4] for secure connections with an X Window server, simply choose Tunnels again and select the checkbox Enable X11 Forwarding.
To turn on agent forwarding [6.3.5] to allow your SSH agent to communicate with clients on other machines, navigate to Connection/SSH/Auth and select the checkbox Allow Agent Forwarding.
18.6.2 Forwarding with Plink
To enable the various kinds of forwarding with the command-line program Plink:
- Local port forwarding [9.2.1]
Use the -L option, supplying the source port, remote server name, and remote port. For example, to forward local port 12345 to remote port 5900 on server.example.com, run: ...
Get SSH, The Secure Shell: The Definitive Guide, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
