Portforwarding with SSH (Putty) Martin Zahn, 10.10.2008
Overview Often you do not have direct access to a desired server, because a firewall blocks the port or you are on another network than the server. But eventually you may have access to a proxy server, from which you can access the desired server. For example you would like to access an Oracle database on 192.168.151.2 on port 1521 with you local SQL tools and you don't want to do it from the proxy server. With SSH port forwarding you can establish a logical connection through the proxy an you will then be able to access the Oracle database through it. You can use the very common SSH client PUTTY to establish this logical connection Port Forwarding using SSH In order to use port forwarding to connect from your local machine to a port on a remote server, you need to: Choose a port number on your local machine (e.g. 5500) where PuTTY should listen for incoming connections. Now, before you start your SSH connection, go to the PuTTY Tunnels panel. Make sure the �Local� radio button is set. Enter the local port (e.g. 5500) number into the �Source port� box. Enter the destination host name and port number into the �Destination� box, separated by a colon (e.g. 192.168.151.2:1521). Now click the [Add] button. The details of your port forwarding should appear in the list box. Now start your session and log in to the proxy host. To check that PuTTY has set up the port forwarding correctly, you can look at the PuTTY Event Log. Now if you connect to the source port number on your local PC, you should find that it answers you exactly as if it were the service running on the destination machine. You can also forward ports in the other direction: arrange for a particular port number on the server machine to be forwarded back to your PC as a connection to a service on your PC or near it. To do this, just select the �Remote� radio button instead of the �Local� one. The �Source port� box will now specify a port number on the server. Enter Source and Destination, then click Add Button After clicking the Add Button X11 Forwarding If you need to start a graphical application from the database server (on 192.168.151.2) and the output should be displayed on your local PC, then you must activate X11 forwarding in PUTTY. Now log in to the SSH proxy server as normal. To check that X forwarding has been successfully negotiated during connection startup, you can check the PuTTY Event Log. From the proxy server you must now enable X11 forwarding to the DB server, this can be established with the -X option of ssh. proxy> ssh -X oracle@192.168.151.2 Now you can start for example Oracle's runInstaller and the output is displayed on your local PC - do not forget to start the cygwin X11 server on the PC.

Portforwarding with SSH (Putty)

Martin Zahn, 10.10.2008

Overview

Often you do not have direct access to a desired server, because a firewall blocks the port or you are on another network than the server. But eventually you may have access to a proxy server, from which you can access the desired server. For example you would like to access an Oracle database on 192.168.151.2 on port 1521 with you local SQL tools and you don't want to do it from the proxy server. With SSH port forwarding you can establish a logical connection through the proxy an you will then be able to access the Oracle database through it.

You can use the very common SSH client PUTTY to establish this logical connection

Port Forwarding using SSH

In order to use port forwarding to connect from your local machine to a port on a remote server, you need to:

Choose a port number on your local machine (e.g. 5500) where PuTTY should listen for incoming connections.

Now, before you start your SSH connection, go to the PuTTY Tunnels panel. Make sure the �Local� radio button is set. Enter the local port (e.g. 5500) number into the �Source port� box. Enter the destination host name and port number into the �Destination� box, separated by a colon (e.g. 192.168.151.2:1521).

Now click the [Add] button. The details of your port forwarding should appear in the list box.

Now start your session and log in to the proxy host. To check that PuTTY has set up the port forwarding correctly, you can look at the PuTTY Event Log.

Now if you connect to the source port number on your local PC, you should find that it answers you exactly as if it were the service running on the destination machine.

You can also forward ports in the other direction: arrange for a particular port number on the server machine to be forwarded back to your PC as a connection to a service on your PC or near it. To do this, just select the �Remote� radio button instead of the �Local� one. The �Source port� box will now specify a port number on the server.

Enter Source and Destination, then click Add Button

After clicking the Add Button

X11 Forwarding

If you need to start a graphical application from the database server (on 192.168.151.2) and the output should be displayed on your local PC, then you must activate X11 forwarding in PUTTY.

Now log in to the SSH proxy server as normal. To check that X forwarding has been successfully negotiated during connection startup, you can check the PuTTY Event Log.

From the proxy server you must now enable X11 forwarding to the DB server, this can be established with the -X option of ssh.

proxy> ssh -X oracle@192.168.151.2

Now you can start for example Oracle's runInstaller and the output is displayed on your local PC - do not forget to start the cygwin X11 server on the PC.