To use the feature SSH Port Forwarding you must enable AllowTcpForwarding on your sshd_config
AllowTcpForwarding yes
Remote Forwarding
To enable Remote Forwarding outside the server machine, you must enable GatewayPorts on your sshd_config
GatewayPorts yes
or strict all except an IP address
GatewayPorts clientspecified
Example 1:
ssh -R 12345:localhost:80 server.tutorialspots.com
Example 2:
ssh -R 11.11.11.11:12345:localhost:80 server.tutorialspots.com
only connections from the IP address 11.11.11.11 to port 12345 are allowed.
Local Forwarding
Example 3:
ssh -L 80:myweb.tutorialspots.com:80 server.tutorialspots.com
This example opens a connection to the server.tutorialspots.com jump server, and forwards any connection to port 80 on the local machine to port 80 on myweb.tutorialspots.com.
You can specify a bind address:
ssh -L 127.0.0.1:80:myweb.tutorialspots.com:80 server.tutorialspots.com
Dynamic Port Forwarding allows a communication not on a single port, but across a range of ports. This port forwarding is created using -D parameter. This option will make SSH acts as a SOCKS proxy server. SOCKS5 is an internet protocol which routes packets between a server and a client using a proxy server.
Example 4:
ssh -v -D 12345 root@server.tutorialspots.com
Now you have a Socks5: 127.0.0.1:12345
