DEV Community

Baraa Mohamed
Baraa Mohamed

Posted on • Edited on

3

SSH Tunnel: Forwarding Traffic between hosts

In cloud environments, you might encounter scenarios where you need to forward traffic securely between hosts. SSH tunneling, also known as port forwarding, is a technique that allows you to create a secure communication tunnel between two hosts over specific ports.

What is SSH Tunneling?

SSH tunneling enables secure access to remote services that are not directly accessible. For instance, you can access a private service on a cloud server through a public host. This approach helps maintain security by keeping sensitive services private.


Example: Accessing Jenkins Dashboard on AWS

Suppose you have Jenkins running on an EC2 instance in AWS, and you want to access its dashboard on port 8080. Using SSH tunneling, you can securely forward traffic from your local machine to the Jenkins instance.

Pre-requisites:

  1. Ensure the Jenkins EC2 instance allows TCP traffic on port 8080 and HTTP traffic in its security group.
  2. Have the access key for the Jenkins EC2 instance.

Command to Create the Tunnel:

ssh -i <access-key> -L <your-host-port>:<Jenkins-ip>:<Jenkins-port> <public-Jenkins-instance>
Enter fullscreen mode Exit fullscreen mode

Example:

ssh -i "myKey.pem" -L 4040:localhost:8080 ubuntu@ec2
Enter fullscreen mode Exit fullscreen mode

Explanation of Flags:

  • i: Includes the access key file required for authentication.
  • L: Specifies the local port (4040), remote host (localhost or the private IP of Jenkins), and remote port (8080) for the tunnel.
  • localhost: Refers to the Jenkins instance. SSH forwards traffic to port 8080 on the Jenkins EC2 instance.

Accessing Jenkins Locally

After running the command, open your browser and navigate to http://localhost:4040. You should see the Jenkins dashboard, as traffic on port 4040 of your machine is securely forwarded to port 8080 on the EC2 instance.


Conclusion

By leveraging SSH tunneling, you can securely access remote services like Jenkins dashboards without exposing them to the public internet. This technique is versatile and applicable to many cloud-based workflows.

🤍 I'd love to connect with you on LinkedIn—let's grow our network and share ideas! here

Sentry blog image

How I fixed 20 seconds of lag for every user in just 20 minutes.

Our AI agent was running 10-20 seconds slower than it should, impacting both our own developers and our early adopters. See how I used Sentry Profiling to fix it in record time.

Read more

Top comments (0)

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay