SSH Tunneling or SSH port forwarding is a way where you can access application leveraging on the SSH ports and tunnel in the event that you do not want to open additional ports on your firewall.

In this tutorial I am going to show you how you can access the GUI of the linux server through the SSH Tunnel. This is useful for more tech savvy engineer who wants to access resources behind a firewall without opening and managing additional port access.

This is also a common way that cyber criminal get access to machine behinds the firewall in your organization. Understanding how this work will also help you to deploy protection against such attack.

You might want to check out the tutorial to use the Key Base Authentication to increase the security of the tunnel.

To establish SSH local port forwarding use the -L option.

ssh -L [bind address]:[port]:[remote host]:[remote port] <user>@<ssh server>

In the example below we are using key-based login so the syntax will be as follow

ssh -i [private key] -L [bind address]:[port]:[remote host]:[remote port] <user>@<ssh server>