Difference Between SSH Local and Remote Port Forwarding
Last Updated :
18 Mar, 2023
SSH stands for “Secure Shell” or “Secure Socket Shell“. It is a cryptographic network protocol that allows two computers to communicate and share the data over on insecure network such as Internet. SSH protocols protects the network from various attacks.
1. Local Port Forwarding :
Local Port Forwarding is the common type of port forwarding. It is used to let a user connect from the local computer to another server, i.e forward data securely from another client application running on the same computer as a Secure shell client. By using local port forwarding , firewalls that block certain web pages are able to Bypass.
Advantages:
- Increased security: Local port forwarding can increase security by allowing you to securely connect to a remote server without exposing the server to the internet.
- Access to restricted resources: Local port forwarding can be used to access restricted resources that are only available on a remote server.
- Convenient file transfer: Local port forwarding can make it easy to transfer files between local and remote machines.
Disadvantages:
- Performance impact: Local port forwarding can have a performance impact, especially if you are transferring large files or using applications that require high bandwidth.
- Configuration complexity: Configuring local port forwarding can be complex, especially if you are not familiar with the SSH protocol.
- Security risk: If local port forwarding is not properly configured, it can be a security risk, as it can expose the server to unauthorized access.
2. Remote Port Forwarding :
This form of port forwarding enables applications on the server side of a secure shell. There are proprietary for the same general purpose. To use remote port forwarding the address of the destination server and two port number must be known. The port number chosen depend on which application is to be used.
Advantages:
- Access to local resources: Remote port forwarding can be used to access local resources that are only available on the client machine.
- Increased security: Remote port forwarding can increase security by allowing you to securely connect to a remote server without exposing the server to the internet.
- Convenient remote access: Remote port forwarding can make it easy to access remote resources from anywhere with an internet connection.
Disadvantages:
- Configuration complexity: Configuring remote port forwarding can be complex, especially if you are not familiar with the SSH protocol.
- Security risk: If remote port forwarding is not properly configured, it can be a security risk, as it can expose the client machine to unauthorized access.
- Performance impact: Remote port forwarding can have a performance impact, especially if you are transferring large files or using applications that require high bandwidth.
Similarities:
- Both use the SSH protocol: SSH local and remote port forwarding both rely on the SSH protocol to establish a secure connection between the client and server.
- Both allow for secure communication: Both local and remote port forwarding can be used to establish a secure communication channel between a client and a server, which can help to protect sensitive data and prevent unauthorized access.
- Both can be used to access remote resources: Both local and remote port forwarding can be used to access remote resources, such as servers, databases, and files, that may not be directly accessible from the client machine.
- Both require configuration: Both local and remote port forwarding require some level of configuration to set up and establish the connection between the client and server.
- Both can have a performance impact: Both local and remote port forwarding can have a performance impact, especially if large amounts of data are being transferred or if the client or server has limited resources.
Difference Between SSH LPF vs SSH RPF:
|
SSH LPF
|
SSH RPF
|
| In this, connections from the SSH client are forwarded via the SSH server, then to a destination server. |
In this, connections from the SSH server are forwarded via the SSH client, then to a destination server. |
| LPF lets you to connect from your local computer to another server. |
RPF lets you connect from the remote SSH server to another server. |
| In OpenSSH, local port forwarding is configured using the -L option. |
In OpenSSH, local port forwarding is configured using the -R option. |
|
The basic syntax for LPF with Linux is:
ssh -L local_port:destination_server_ip:remote_port ssh_server_hostname
|
The basic syntax for RPF with Linux is:
ssh -R local_port:destination_server_ip:remote_port ssh_server_hostname
|
|
For example: If you wanted to connect from your laptop to
http://www.ubuntuforums.org using an SSH tunnel. You would
use source port number 8080 and destination port 80 and destination server www.ubuntuforums.org
|
For example: If you wanted to let a friend access your remote desktop, using the command-line SSH client.
You would use port number 5900 and destination server localhost :
ssh -R 5900: localhost : 5900 guest@jone-pc
|
Conclusion:
SSH port forwarding provides a secure way to access services on remote servers or local machines. Local port forwarding maps a remote service to a local port, while remote port forwarding maps a local service to a remote port. Both types of port forwarding have their specific use cases and benefits, but it’s important to consider the security implications when using either type.
Like Article
Suggest improvement
Share your thoughts in the comments
Please Login to comment...