DEV Community

Baraa Mohamed
Baraa Mohamed

Posted on • Edited on

SSH Tunnel: Forwarding Traffic between hosts

#webdev #linux #ubuntu #aws

In cloud environments, you might encounter scenarios where you need to forward traffic securely between hosts. SSH tunneling, also known as port forwarding, is a technique that allows you to create a secure communication tunnel between two hosts over specific ports.

What is SSH Tunneling?

SSH tunneling enables secure access to remote services that are not directly accessible. For instance, you can access a private service on a cloud server through a public host. This approach helps maintain security by keeping sensitive services private.

Example: Accessing Jenkins Dashboard on AWS

Suppose you have Jenkins running on an EC2 instance in AWS, and you want to access its dashboard on port 8080. Using SSH tunneling, you can securely forward traffic from your local machine to the Jenkins instance.

Pre-requisites:

  1. Ensure the Jenkins EC2 instance allows TCP traffic on port 8080 and HTTP traffic in its security group.
  2. Have the access key for the Jenkins EC2 instance.

Command to Create the Tunnel: 

ssh -i <access-key> -L <your-host-port>:<Jenkins-ip>:<Jenkins-port> <public-Jenkins-instance>
Enter fullscreen mode Exit fullscreen mode

Example: 

ssh -i "myKey.pem" -L 4040:localhost:8080 ubuntu@ec2
Enter fullscreen mode Exit fullscreen mode

Explanation of Flags:

  • i: Includes the access key file required for authentication.
  • L: Specifies the local port (4040), remote host (localhost or the private IP of Jenkins), and remote port (8080) for the tunnel.
  • localhost: Refers to the Jenkins instance. SSH forwards traffic to port 8080 on the Jenkins EC2 instance.

Accessing Jenkins Locally

After running the command, open your browser and navigate to http://localhost:4040. You should see the Jenkins dashboard, as traffic on port 4040 of your machine is securely forwarded to port 8080 on the EC2 instance.

Conclusion

By leveraging SSH tunneling, you can securely access remote services like Jenkins dashboards without exposing them to the public internet. This technique is versatile and applicable to many cloud-based workflows.

🤍 I'd love to connect with you on LinkedIn—let's grow our network and share ideas! here

Top comments (0)

Read next

sebs profile image

Taking LLMs to (code) town - part II. Creating a vanilla.js web component toolchain from ground up

Sebastian Schürmann -

umeshtharukaofficial profile image

Building AI Chatbots: The Technology Behind Conversational AI

Umesh Tharuka Malaviarachchi -

seasonedcode profile image

ReddAPI: The Easiest Way to Work with Reddit’s API! 🚀 by SeasonedCode

SeasonedCode -

orlidev profile image

✨ Adiós, 2024 🌟 ¡Hola, 2025! 🚀💫

Orli Dun -