![ssh proxy tunnel ssh proxy tunnel](https://www.math.ucla.edu/sites/default/files/computing/kb/images/ssh_tunnel/SSH_Proxy_KB4.jpg)
Remote Port Forwarding: $ ssh -nNT -R 4000:localhost:3000 above command sets up an ssh tunnel between your machine and the server, and forwards all traffic from localhost:3000 (on your machine) to localhost:4000 (in the context of the server). Note that this also allows you to be able to forward multiple MySQL servers from multiple servers to your local machine over different ports and access data safely. This is useful when you want to expose services running on your server which isn’t accessible to the outside world directly (for good reason). So now you could connect to MySQL running on your server via localhost on port 8000 on your machine. 3306 is the default port of MySQL) to localhost:8000 (on your machine). Local Port Forwarding: $ ssh -nNT -L 8000:localhost:3306 above command sets up an ssh tunnel between your machine and the server, and forwards all traffic from localhost:3306 (in the context of server, localhost is the server itself. For a deeper understanding of the ssh commands & flags used, kindly refer to the ssh manual.
![ssh proxy tunnel ssh proxy tunnel](https://1.bp.blogspot.com/--v2Ig0xt5P4/VbX7y_V_IUI/AAAAAAAAD4w/bg5SW_D2h4s/s1600/ssh-tunnel1.png)
NOTE: I will not be deep diving and explaining each and every ssh flag used below, the idea is to showcase the power of ssh tunneling.
![ssh proxy tunnel ssh proxy tunnel](https://cdn1s.iosnoops.com/wp-content/uploads/appsicons/1260223542xscreen1.jpg)
The icing on the cake is that you get encryption out of the box without any additional work on your application service side. This allows us to easily & securely make services available between machines with minimal effort while at the same time leveraging ssh for user authentication and encryption with little to no overhead. SSH Tunneling, is the ability to use ssh to create a bi-directional encrypted network connection between machines over which data can be exchanged, typically TCP/IP. Photo by Scott Eckersley on Unsplash SSH Tunneling Primer