Everyone who knows me well knows that tunnels in SSH represent one of my all-time-favorite features, ever. Why? Simple: They are so immensely useful.
Say you are debugging an issue on a server, as I am today, and you need a mail server running on that server. But that server is a production system, and you cannot install a mail server on it. Want a quick "mail server"? Use an SSH tunnel:
sudo ssh -L 25:mail.domain.com:25 daniel@localhost
This will SSH back to localhost as user daniel and set up a listener on local port 25 that forwards to mail.domain.com, port 25. The sudo is there because binding a local port below 1024 requires root.
Voila... a temporary "mail server" on your system, torn down when you no longer need it.
You can also use tunnels for many other things. I also use SSH to tunnel VNC, RDP, Synergy, Video Station from my Synology -- and I even use it to access my ESXi console.
SSH tunnels are easy to implement in an SSH config file:
host demo
  hostname demo.example.com
  user daniel
  ForwardAgent yes
  LocalForward 5022 192.168.0.2:22
  LocalForward 5947 192.168.0.47:5900
  LocalForward 24800 192.168.0.2:24800
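To review which tunnels a config file opens, the sketch below lists each host's LocalForward lines as the equivalent -L arguments and notes the settings worth a second look. It is an added example, not code from the original post; the function name audit_forwards and the "mailtunnel" alias are hypothetical, and the sample config is constructed from the values shown above.

```python
# Added example: audit LocalForward / ForwardAgent lines in an ssh config.
LOOPBACK = {"", "localhost", "127.0.0.1", "[::1]"}

# Constructed sample: the post's "demo" block, plus its port-25 tunnel written
# as a config block under the hypothetical alias "mailtunnel".
SAMPLE_CONFIG = """\
Host demo
  HostName demo.example.com
  User daniel
  ForwardAgent yes
  LocalForward 5022 192.168.0.2:22
  LocalForward 5947 192.168.0.47:5900
  LocalForward 24800 192.168.0.2:24800
Host mailtunnel
  HostName localhost
  User daniel
  LocalForward 25 mail.domain.com:25
"""

def audit_forwards(config_text):
    """Map each Host alias to its equivalent -L arguments and review notes."""
    report, host = {}, None
    for raw in config_text.splitlines():
        parts = raw.strip().replace("=", " ", 1).split()
        if not parts or parts[0].startswith("#"):
            continue
        key, values = parts[0].lower(), parts[1:]
        if key == "host":
            host = " ".join(values)
            report[host] = {"args": [], "notes": []}
        elif host is None:
            continue  # options before the first Host block are not audited here
        elif key == "forwardagent" and values and values[0].lower() == "yes":
            report[host]["notes"].append(
                "ForwardAgent yes: root on the remote host can use your agent's keys")
        elif key == "localforward" and len(values) == 2:
            listen, dest = values
            bind, _, port = listen.rpartition(":")
            report[host]["args"].append(f"-L {listen}:{dest}")
            if port.isdigit() and int(port) < 1024:
                report[host]["notes"].append(f"port {port} is privileged: ssh must run as root")
            # With no bind address and GatewayPorts at its default (no), ssh listens on loopback only.
            if bind not in LOOPBACK:
                report[host]["notes"].append(f"listener on {bind}:{port} is reachable from other hosts")
    return report

if __name__ == "__main__":
    for alias, entry in audit_forwards(SAMPLE_CONFIG).items():
        print(alias, entry["args"], *entry["notes"], sep="\n  ")
```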
I am a system engineer in the Raleigh, NC area. My main interests are Unix, VMware, and networking.