General pattern:
ssh bridge-machine -L local-port:destination-machine:destination-port -N
Where bridge-machine
is the machine providing an ssh server that will act as a bridge to the destionation-machine
. The destionation machine could be, for instance, a database, a Redis server, etc, that is not accessible from your network, but is accessible via another server (the bridge) that you are able to access via SSH.
I always forget which port is the local one is which is the remote. One nice mnemonic is to remember that Left is Local, Right is Remote.
In the end, bridge-machine
will be connected to destionation-machine:destination-port
and that connection will be exposed in your local port local-port
.
-L
provides the tunnel configuration, -N
tells SSH to not open a terminal. This command will steal your terminal. If you don't want that, use the -f
option to tell SHH to run on the background.