SSH Port Forwarding

Giles Orr

Jacob Wyatt

11 October, 2000

Secure Shell (a secure replacement for telnet/rsh) allows the securing of normally insecure services such as FTP, POP, SMTP, and VNC. We will discuss basic installation of SSH, including several examples of port forwarding, and you will learn how to apply this excellent security tool for your own purposes.


Table of Contents
Introduction
Available Versions
Basic Use of SSH
Port Forwarding
Forwarding X
Forwarding News
Forwarding FTP
Port Numbers
Forwarding Mail under Windows
Pitfalls
Conclusion
Resources

Introduction

SSH stands for "Secure SHell." SSH is a replacement for telnet, rsh, and rlogin, to allow secure shell access to remote machines over an untrusted network. Telnet was designed at a time when the Internet consisted of a relatively small number of universities, and no one had ever heard of a packet sniffer. Packet sniffers such as sniffit and tcpdump are now relatively common - they have some highly practical uses, but obviously can also be used to collect passwords of those using unencrypted connections on a local network. Even if the password handshaking is encrypted, quite a bit of personal information can be collected watching an unencrypted transaction after the passwords. SSH packets looks like garbage to a packet sniffer.