Chances are that you’ve already used SSH a lot during your programming career. Whether it involved cloning a git repository or connecting to a remote server. Either way, both involving SSH on a basic level.

But beyond fetching a git repo or connecting to a server, SSH has some other purposes which may enhance your development workflow. One of them is SSH tunneling, also known as local or remote port forwarding. I’ll get into what it is and the difference between local and remote port forward.

Basic SSH

SSH stands for Secure Shell and is a program that is used to create a secure connection to a remote server. To create an SSH connection simply enter this command in your terminal:

ssh user@remote-server.com

user is the username on your server and remote-server.com is the hostname pointing to it, but you can also use your server IP address if you don’t have any domain name. After you’ve entered your password, you’ll be connected to the remote server with a secure connection.

Local port forwarding

As mentioned earlier there are two ways to establish an SSH tunnel. The first one is local port forwarding. To put this in simple terms — local port forwarding allows you to forward a local port number to a remote server. But why would you want to do to that? Imagine that you’re sitting on a network and you want to connect to a domain that is blocked on that network. To bypass this, you can connect to the domain from a server without any restrictions, like a server outside of the network you’re sitting on.

This is where local port forward comes in handy. Just create an SSH connection to your remote server, like the earlier example, but this time you must add a flag that is telling the SSH program to forward a specific hostname and port:

ssh -L 8000:restricted-domain.com:80 user@remote-server.com

Syntax:

ssh -L <LocalPort>:<RemoteHost>:<RemotePort> user@<RemoteServer>

This command is telling the program to forward all the requests on localhost:8000 to restricted-domain.com:80 via remote-server.com.

Of course, this is one of the many use cases for local port forwarding. A more relatable use case for developers is, for example, connecting to a remote database that only allows connection from a server on the same network. With an SSH tunnel, you can create a connection to the database through another server sitting on the same network as the database.

Remote port forwarding

Remote port forwarding is like the opposite of local port forwarding. It will forward all requests on a remote servers’ port to your machine. This really comes in handy when you need someone or some service to access your localhost, without the need to share or expose your IP address.

Typically cloud-based services (i.e chatbots) require you to deploy a server application and provide a URL for it to connect too. This makes developing and debugging challenging since you’ll have to deploy a new version of the application code every time you want to test it. With remote port forwarding, you can just set up a cloud server or a VPS, and forward the connection to your local machine. This way you can develop and test the chatbot continuously.

ssh -R 8000:localhost:3000 user@remote-server.com

Syntax:

ssh -R <RemotePort>:<LocalHost>:<LocalPort> user@<RemoteServer>

(Note the two different arguments, -L and -R to the SSH commands.)

This command will forward all requests to remote-server.com:8000 to your localhost. Remote port forwarding works in the same way as Ngrok, and may very well replace the usage of this service.

Conclusion

SSH tunneling is a powerful tool that will improve any developers workflow. It comes especially in handy when working with cloud-based services like a remote database or a chatbot.