Skip to content
July 12, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Data
    • CVE Watchtower
    • Top Exploited CVEs
    • CVE Stats by Vendor
    • Q2 2026 Report
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • Technique
  • SSH port forwarding
  • Technique

SSH port forwarding

Do Son April 30, 2017 5 minutes read
1

SSH automatically encrypts and decrypts the network data between all SSH clients and the server. This process is sometimes called “tunneling” (tunneling), because SSH for other TCP links to provide a secure channel for transmission and named. For example, Telnet, SMTP, LDAP these TCP applications can benefit from, to avoid the user name, password and privacy information in clear text transmission. At the same time, if the firewall in your work environment limits the use of some network ports, but allows SSH connections, then you can also forward the TCP port to use SSH to communicate.

SSH port forwarding can forward the network data of other TCP ports through SSH link, and automatically provide the corresponding encryption and decryption services.

There are four ways, namely, local forwarding, remote forwarding, dynamic forwarding, X protocol forwarding.

  1. Local Port Forwarding
    SSH connection and application connection The two connections are in the same direction. Localhost parameters can be omitted. The default is 0: 0: 0: 0, but for security reasons, it is necessary to set the localhost parameter. ssh -L [<local host>:]<local port>:<remote host>:<remote port> <SSH hostname> Use 127.0.0.1 as the local listening port.One port of the local machine (client) is forwarded to the designated port of the remote designated machine; the local port forwarding is listening on a port on the localhost, and all the data accessing the port is transmitted to the remote port through ssh tunnel.

    as follows:

    localhost: ssh -L 7001:localhost:7070 sisca@216.194.70.6

    Before landing Localhost port Monitoring status:

     
    After landing the localhost port listening status:
     After the remote host will not listen to the port. Summary: local port forwarding time, the local ssh monitor 7001 port.
  2. Remote Port Forwarding
    SSH connection and application connection The two connections are in the opposite directions -R [<local host>:]<local port>:<remote host>:<remote port> <SSH hostname>, localhost parameters can be omitted, the default is 0:0:0:0, for security must use 127.0 .0.1 as a local listening port.One port of the remote host (server) is forwarded to the designated port of the designated machine on the local side; the remote port forwarding is listening on one port on the remote host. All the data of the designated port of the remote server is transmitted to the local counterpart through the ssh tunnel port.
    as follows:
    localhost: ssh -R 7001:localhost:7070 sisca@216.194.70.6
    Before landing Localhost port Monitoring status:

    After landing the localhost port listening status:
    Remote host port after listening Status:
    Summary: the use of remote port forwarding, the localhost port monitoring and did not change, on the contrary, the remote host began to listen to our designated 7001 port.
  3. Dynamic Port Forwarding
    The remote ssh server as a secure proxy server ssh -D [<local host>:]<local port> <SSH hostname>, localhost parameters can be omitted, the default is 0:0:0:0, for security, must use 127.0.0.1 as a local listening port.The establishment of a dynamic SOCKS4 /5 proxy channel, followed by the local monitoring of the port number; dynamic port forwarding is to establish an ssh encrypted SOCKS4/5 proxy channel, any support SOCKS4/5 protocol procedures can use this encrypted Channel to the agent to visit, and now the most commonly used method is to over the wall.

    as follows:
    localhost: ssh -D 7070 sisca@216.194.70.6

    Before landing Localhost port Monitoring status:

    After landing the localhost port listening status:
    Summary: When using dynamic port forwarding, the local host’s ssh process is listening on the specified 7070 port.
  4. X Protocol Forwarding
    The remote ssh server as a secure proxy server.
    ssh -X  <SSH hostname>
    For example, we may often log on to Linux/Unix/Solaris/HP and other machines to do some development or maintenance, and often need to run some GUI programs, such as the graphical interface to install DB2/WebSphere and so on. This time there are usually two options to achieve: VNC or X window, let us look at the latter. A more common scenario is that our local machine is the Windows operating system, then you can choose to open source XMing as our XServer, and SSH Client can be arbitrarily selected, such as PuTTY, Cygwin can be configured to visit SSH at the same time to establish X forward.

    SSH port forwarding In addition to the above four representatives of the different working parameters of the parameters, there are some ancillary parameters:-C: compressed data transmission-N: Do not execute scripts or commands, usually associated with -f

    -f: background authentication user/password, usually used in conjunction with -N, do not have to log on to the remote host, if through other procedures to control the tunnel connection, should avoid the SSH client into the background, that is, remove the-f parameter.

    -g: In the -L / -D / -R parameter, the remote host is allowed to connect to the established forwarding port. If this parameter is not added, only the local host is allowed to establish a connection.

Share this article:

Facebook Post LinkedIn Telegram
Tags: ssh Dynamic Port Forwarding ssh Local Port Forwarding ssh Remote Port Forwarding ssh X Protocol Forwarding

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-1207CVSS 5.4
    An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on...
    Admin intel📅 Updated: Jul 10, 2026
  • CVE-2026-48939CVSS 10.0
    A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-56291CVSS 10.0
    The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-55255CVSS 8.4
    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-48908
    A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-56290
    The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-20896CVSS 9.8
    Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER`
    Admin intel📅 Updated: Jul 6, 2026
  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intelCISA KEV📅 Added to KEV: Jul 7, 2026📅 Updated: Jul 3, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-61447CVSS 10.0
    PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_python() that...
  • CVE-2026-61445CVSS 9.9
    PraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilities in...
  • CVE-2026-60090CVSS 9.8
    PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the...
  • CVE-2026-57827CVSS 10.0
    The Joomla extension RSFiles is vulnerable to an unauthenticated arbitrary file upload...
  • CVE-2026-57828CVSS 9.0
    The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file...
  • CVE-2026-14480CVSS 9.9
    OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the...
  • CVE-2026-20744CVSS 9.8
    The charging station websocket endpoint accepts connections without proper authentication, which could...
  • CVE-2026-57807CVSS 9.8
    Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security...
  • CVE-2026-55879CVSS 9.3
    OpenReplay is a self-hosted session replay suite. From 1.24.0 before 1.25.0, the...
  • CVE-2026-12761CVSS 9.8
    The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Top Exploited CVEs
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • Disclaimer
    • DCMA
    • Privacy Policy
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • CVE Watchtower
    • CVE Statistics by Vendor 2026
    • Q2 2026 Report
    • Top Exploited CVEs
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.