SSH Tectia  
Previous Next Up [Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Authentication >>
    System Administration >>
    File Transfer Using SFTP >>
    Secure File Transfer Using Transparent FTP Security >>
    Tunneling >>
        Local Tunnels >>
        Remote Tunnels
        Agent Forwarding
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Man Pages and Default Configuration Files >>
    Log Messages >>

Remote Tunnels

A remote (incoming) tunnel forwards traffic coming to a remote port to a specified local port.

With sshg3 on the command line, the syntax of the remote tunneling command is the following:

$ sshg3 -R [protocol/][listen-address:]listen-port:dst-host:dst-port server

Setting up remote tunneling allocates a listener port on the remote server. Whenever a connection is made to this listener, the connection is tunneled over Secure Shell to the local client and another connection is made from the client to a specified destination host and port. The connection from the client onwards will not be secure, it is a normal TCP connection.

Figure Remote tunneling terminology shows the different hosts and ports involved in remote port forwarding.


clientserver-tunnel-remote2-7.gif
Figure : Remote tunneling terminology

For example, if you issue the following command, all traffic which comes to port 1234 on the server will be forwarded to port 23 on the client. See Remote tunnel.

$ sshg3 -R 1234:localhost:23 username@sshserver

The forwarding address in the command is resolved at the (local) end point of the tunnel. In this case localhost refers to the client host.


clientserver-tunnel-remote-8.gif
Figure : Remote (incoming) tunnel

By default, the server allows remote tunnels from all addresses for all users. To restrict tunneling for all or for specified users, see Section Securing Tunneling.

Previous Next Up [Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2011 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice