Ssh - Tunnel - From server to local (Right Port Forwarding)

Host Key Not Cached Putty


When the port is not open on a server, you can still reach it via SSH and a right tunnel (or Right port forwarding).

When the tunnel is active, a request to a local port will be forwarded via the SSH tunnel to the port of the remote server.

Illustration Image Credit: How does reverse SSH tunneling work? from Erik

Ssh Tunnel Forward Server Network Traffic To Localhost


With the below example, we will query a HTTP server running on the client from the remote Server through SSH tunneling.

Create the tunnel

You can create it with any SSL client such as:


From the client host:

ssh -N -T -l loginName -R8881:localhost:8888 sshServerHost


  • localhost is the host seen from the ssh client
  • The remote port is 8881 (The port of the Remote ssh Server)
  • The local host port is 8888
  • The loginName is loginName
  • N means no remote command
  • T disables pseudo-tty allocation (No terminal)


Java with Jsch

JSch jsch = new JSch();
Session session = jsch.getSession(user, host, 22);
int localPort = 8888;
String localHost = "localhost";
int remotePort = 8881;
session.setConfig("StrictHostKeyChecking", "no");
System.out.println("Establishing Connection...");
session.setPortForwardingR(localPort, localHost, remotePort);

Make a request

Usage Example - Make a request from the server rerouted to your computer: On the remote SSH server request, a call to the port 8881 will be redirected to the port 8880 of localhost.

wget localhost:8881/hello.html
--2017-02-07 12:29:22--  http://localhost:8881/hello.html
Resolving localhost...
Connecting to localhost||:8881... connected.
HTTP request sent, awaiting response... 200 OK
Length: 5 [text/html]
Saving to: `hello.html'

100%[============================================>] 5           --.-K/s   in 0s

2017-02-07 12:29:23 (62.8 KB/s) - `hello.html' saved [5/5]

Discover More
Host Key Not Cached Putty
SSH - Tunnel (Port Forwarding)

A Secure Shell (SSH) tunnel consists of an encrypted tunnel created through an SSH protocol connection. Users may set up SSH tunnels: to transfer unencrypted traffic over a network through an encrypted...

Share this page:
Follow us:
Task Runner