How SSH tunnel works

[chushpan]

What is an SSH tunnel?​

SSH tunnel (Secure Shell Tunnel) is a technology that allows you to create a secure connection between a client and a server via the SSH protocol. This tunnel encrypts all traffic passing through it, making it useful for protecting data, bypassing restrictions, and accessing remote services.

SSH tunnels are often used to:

• Protecting traffic on unsecured networks.
• Bypassing blockages or firewalls.
• Access to internal resources (eg databases) through an external server.
• Creating a SOCKS proxy for anonymization.

How does SSH tunnel work?​

An SSH tunnel acts as a "wrapper" for your traffic. It encrypts the data and routes it through an SSH server, which acts as an intermediary. Here are the main steps:

1. Establishing an SSH connection​

1. The client connects to the SSH server using credentials (login and password or keys).
2. When connecting, an encrypted channel is created between the client and the server.

2. Redirecting traffic​

Traffic can be redirected in three ways:

• Local Tunnel (Local Port Forwarding): Traffic from the client's local port is forwarded through the SSH server to the remote host.
• Remote Tunnel (Remote Port Forwarding): Traffic from the remote port of the SSH server is forwarded to the local host of the client.
• Dynamic Tunnel (Dynamic Port Forwarding): Creates a SOCKS proxy that automatically routes traffic through the SSH server.

3. Decoding and transferring data​

1. The SSH server decrypts the traffic and sends it to the target host (such as a website or database).
2. The response from the target host is returned via the SSH server and encrypted again before being sent to the client.

Types of SSH tunnels​

1. Local tunnel (Local Port Forwarding)​

Local tunnel forwards traffic from the client's local port to a remote host via an SSH server.

Example of usage:

• You want to access the web interface of a database located on a remote server via an SSH tunnel.

Command:

ssh -L [local_port]:[target_host]:[target_port] [user]@[ssh-server]

Example:

ssh -L 8080:db-server.internal:3306 user@ssh-server.com

• Local port 8080 on your computer will forward traffic to port 3306 on host db-server.internal via SSH server ssh-server.com.

2. Remote Tunnel (Remote Port Forwarding)​

Remote tunnel redirects traffic from the SSH server port to the client's local host.

Example of usage:

• You want to provide access to a web server on your local computer to other users via an SSH server.

Command:

ssh -R [remote_port]:[local_host]:[local_port] [user]@[ssh-server]

Example:

ssh -R 8080:localhost:80 user@ssh-server.com

• Port 8080 on the SSH server will forward traffic to port 80 on your local computer.

3. Dynamic Tunnel (Dynamic Port Forwarding)​

Dynamic tunnel creates a SOCKS proxy that automatically routes traffic through the SSH server.

Example of use:

• You want to use your browser through a SOCKS proxy to anonymize and bypass restrictions.

Command:

ssh -D [local_port] [user]@[ssh-server]

Example:

ssh -D 1080 user@ssh-server.com

• A SOCKS proxy is created on port 1080 of your computer. You can configure your browser or other programs to use this proxy.

Example of SSH tunnel operation​

Scenario: Accessing an internal database​

1. You have SSH access to the company server.
2. The database is located inside the corporate network and is not directly accessible from the Internet.
3. You create a local tunnel:
   

   ssh -L 3306:db-server.internal:3306 user@ssh-server.com

4. You can now connect to the database via local port 3306 on your computer.

Advantages of SSH tunnel​

1. Encryption:
   • All data is encrypted, which protects it from interception.
2. Bypass restrictions:
   • Allows access to blocked resources.
3. Anonymity:
   • Traffic is routed through an SSH server, hiding your real IP address.
4. Flexibility:
   • Supports various types of traffic (HTTP, FTP, databases, etc.).
5. Simplicity settings:
   • Does not require installation of additional software.

Disadvantages of SSH tunnel​

1. Speed:
   • Encryption and routing through an SSH server can slow down your connection.
2. Server limitations:
   • If the SSH server is blocked or has restrictions, this may affect the tunnel's operation.
3. SSH server dependency:
   • Access to a secure SSH server is required.

Conclusion​

SSH tunnel is a powerful tool for protecting data, bypassing restrictions and accessing remote resources. It is easy to set up and does not require additional software. However, it is important to consider the connection speed and reliability of the SSH server.

If you have additional questions about how SSH tunnel works or examples of its use, ask them!

 

[Man]

An SSH tunnel is an encrypted connection created via the SSH protocol that forwards network traffic between a local and a remote machine. It is used to:

• secure access to remote services,
• bypass blocking,
• data protection in public networks.
• carding to match the IP address to the address of the rightful owner of the card

1. Operating principle​

An SSH tunnel creates an encrypted channel between your computer and the server through which traffic is transmitted.

1.1. Main components​

• Local machine (client) - your PC.
• SSH server is a remote server with open SSH access (for example, VPS).
• The target service is the website, database, or other resource to which you want to connect.

1.2 How is data transferred?​

1. An SSH connection is established (authentication by key or password).
2. Traffic is encrypted (AES, ChaCha20) and transmitted through port 22 (or another if changed).
3. The server redirects traffic to the target resource (if a tunnel is configured).

2. Types of SSH tunnels​

2.1. Local Tunnel (Local Port Forwarding)​

What it is for: Access to a remote service via a local port.
Example:

ssh -L 8080:example.com:80 user@ssh-server.com

How it works:

• You connect to localhost:8080 → traffic goes through the SSH server to example.com:80.

Where to use:

• Access to a blocked site.
• Connecting to a remote database (MySQL, PostgreSQL).

2.2. Remote Tunnel (Remote Port Forwarding)​

What for: Opening access to a local service from outside.
Example:

ssh -R 9000:localhost:3000 user@ssh-server.com

How it works:

• Connection to ssh-server.com:9000 → redirected to your local server localhost:3000.

Where to use:

• Demonstrating a local web server to colleagues.
• NAT traversal without port forwarding.

2.3. Dynamic tunnel (SOCKS proxy)​

What for: Flexible proxy for all traffic.
Example:

ssh -D 1080 user@ssh-server.com

How it works:

• Configure your browser/system to SOCKS5://127.0.0.1:1080 → all traffic goes through the SSH server.

Where to use:

• Bypass blocking (like VPN, but without third-party services).
• Hiding IP when parsing.

3. Setting up an SSH tunnel​

3.1. Requirements​

• SSH server (e.g. VPS with Ubuntu).
• Access by key/password .

3.2. Command examples​

Tunnel type	Team	Effect
Local	ssh -L 3306:localhost:3306 user@server	Access remote MySQL via localhost:3306.
Remote	ssh -R 8080:localhost:80 user@server	Your local site will be available on server:8080.
SOCKS	ssh -D 1337 -C -N user@server	Creates a SOCKS5 proxy on port 1337 (-C - compression, -N - no command execution).

3.3. Automation (so that the tunnel does not break)​

autossh -M 0 -f -N -L 3306:localhost:3306 user@server

• -M 0 - disables monitoring (you can specify a port, for example, -M 50000).
• -f — run in background.

4. Security​

4.1. Pros​

• Encryption (AES-256, ChaCha20).
• Key authentication (more secure than password).
• No third-party servers (unlike VPN).

4.2. Cons​

• Does not hide the fact that SSH is used (the provider sees the connection).
• May be blocked (if port 22 is closed).

How to strengthen protection:

• Change the SSH port (/etc/ssh/sshd_config → Port 2222).
• Use Fail2Ban to block brute force.

5. Comparison with VPN and SOCKS5​

Criterion	SSH tunnel	VPN	SOCKS5
Encryption	Yes	Yes	No
Flexibility	TCP only	All types of traffic	TCP/UDP
Speed	Average	Depends on the protocol	High
Complexity	Requires commands	Simple applications	Easy setup

Conclusion​

1. Local tunnel (-L) - for accessing remote services.
2. Remote tunnel (-R) - to expose a local service to the outside.
3. SOCKS over SSH (-D) - anonymous web surfing.

Example for bypassing blocking:

ssh -D 1080 -C -N user@your-server.com

→ Set your browser to SOCKS5://127.0.0.1:1080 and enjoy.

Need help with a specific scenario? Ready to help!