I often use a 'hopping server' when connecting to clients, that means i need to login twice each time. To make my life easier i sometimes use an SSH tunnel so i can connect to clients directly.
SSH Tunnel can also be usefull when your office blocks netflix 😉
Local Port Forwarding
This will allow you to access remote servers direcly from your local computer. Let's assume you want to use RDP (3389) to a clients hosts (10.0.1.1) and your hopping server is 'hopping.server'
ssh -L 6000:10.0.1.1:3389 [email protected]
Now you can open Remote Desktop and connect to 'localhost:6000', directing you through the tunnel!
Remote Port Forwarding
This will make your local service/port acccessible from a remote host. Sometimes i use this to keep a 'backdoor' and login remotely (home or whatever).
Let's say you want to make a webapplication (TCP 443) availible at port 6000 on the remote SSH server
ssh -R 6000:localhost:443 [email protected]
Now you should be able to connect to port 6000 on the remote host (bontekoe.technology)
Dynamic Forwarding (Proxy)
This is ideal for people who want to use the internet safely/anonymous or for offices where Netflix is blocked 😉
Use a remote server to tunnel all web traffic (eg. home server), connect through SSH to it using the -D flag
ssh -D 6000 [email protected]
Now open up your browser settings, navigate to the connection properties and enter a Proxy server (manually using SOCKS). Use 127.0.0.1 as host and 6000 as port. The tunnel will remain open as long as you are connected through SSH.