There are 3 types of ssh forwarding: local forwarding, remote forwarding, and dynamic forwarding.
1. Local forwarding: When the directions of the client and ssh-client are the same, it is local forwarding.
Restrictions: 1) The client's direct access to the server is blocked by the firewall. 2) Two-way ssh communication is allowed.
For example: the client wants to access port 393 on the server, but it is blocked by the firewall between the two, and the firewall allows ssh access. At this time, the local forwarding of ssh is used to forward the data that should access server:393 to the local port 7000 (hypothetical), and then ssh sends the data of the local port 7000 to the server's port 393 through the ssh tunnel. This completes the local forwarding.
example:
#Forward the data accessing port 7001 on the client to port 389 on the server, #The localhost here refers to the server ssh -L 7001:localhost:389 Server
2. Remote forwarding. Remote forwarding is used when client and ssh-client are inconsistent.
Restrictions: 1) the client cannot directly access the server, 2) cannot access the server through ssh, 3) the server is allowed to access the client.
This is why, the direction is inconsistent, we configure ssh-client on the server, and configure ssh-server on the client, so that we can use ssh communication.
Example: Execute on a remote server:
#7001 port is on the client, localhost refers to the server, #here
means: the ssh-client on the server initiates the ssh connection, and informs the client's ssh-server to monitor the 7001 port,
#If there is data to access the 7001 port of the clinet, just It will be forwarded by the ssh-server on the clinet to the ssh-clinet on the server , and forwarded to port 389 on the server. ssh -R 7001 :localhost: 389 Client
