SSH Tunneling

SSH is great for securely accessing servers, but SSH also has some powerful, lesser-known features. One of the more powerful and often unknown features is tunneling.

Tunneling allows you to forward a port on a remote server to one on a local server. This is especially useful for web devs, because it allows you to create a tunnel between a local web server and the internet that allows anyone to access your local app or website.


Before you get started, you’ll need to have a publicly accessible server that you’re able to access with SSH. This can be any kind of server as long as it has SSH installed.

You’ll also need to set GatewayPorts yes in the SSH server config file. This is usually located in /etc/ssh/sshd_config, but that may differ depending on your system. After making the edit, be sure to restart the SSH server by running sudo /etc/init.d/ssh restart or sudo service ssh restart.

Creating the Tunnel

Once you have everything set up, the next step is pretty simple. You just need to run:

ssh -N -R 3999:localhost:80

Note: You don’t need to type the $ symbol

Here’s a breakdown of what each part does:

ssh -N -R
This gets it all started. The -N makes sure that you don’t login to the remote server, and -R is what tells SSH to create the tunnel.
This is where you set the port for the remote server, the local server address, and the port for the local server.

The first number is the port that you want the remote server to listen on. This can be any number between 1024-65535, and you’ll need to make sure to allow that port in your firewall if you have one set up. Next is the local server address. In almost all cases this will be localhost. And finally, the last number is the port that your local web server is listening on.
The last part of the command is where you specify your user that has SSH access to the server and the address of the remote server.
If you already have a domain name setup in DNS for the server, you’ll be able to use that to access the tunnel. Otherwise, you’ll need to use the server’s IP address.

Now that you have an SSH tunnel open, going to the remote server address with the forwarded port in your browser, e.g., should allow you to view your local website or app from anywhere with an internet connection.

It takes a bit of work to set up, but SSH tunneling is great for sharing or testing your local dev site/app.