I'm trying to understand the concept of SSH tunnelling and port forwarding and was wondering if someone could explain some of the technicalities.
Server A: 192.168.0.3:80 (HTTP)
SSH Box : 192.168.0.2 (SSH server)
Local Machine : 192.168.0.1
The Local machine cannot connect to Server A (port 80) directly, but it can connect to SSH Box, which in turn can connect to Server A.
So Local Machine connects to SSH Box (using ssh) and I forward the connection from Server A onto my Local Machine (via SSH Box) on an unused port, e.g. 3500. This is the section I need explaining:
I often use PuTTY on XP, and when I SSH to a remote Linux server on port 22, the initial connection is made via an unused port, say 2150, on the Local Machine (found using netstat).
Now this "information channel" between p2150 (lm) and p22 (server) is encrypted and safe. So when I want data to be forwarded to port 3500, am I in essence telling the computer to divert the "encrypted data" from the port 2150-port 22 "channel" to the Web Browser via port 3500? Port 3500 has no real direct contact with port 22 on the SSH Box or the outside world. Or does it?
Could someone explain to me the role of all three ports (in my case 2150, 22 and 3500) in this?
I wrongfully thought that the PuTTY connection in the above case would be:
port3500(Local Machine)-----port22(SSH Box)
Is the actual layout something similar to the one below?
Local Machine port 2150 <---------->port 22 SSH BOX <----> HTTP :80
| <- port 3500
Thanks again!
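
The layout asked about above, as an added example that is not part of the original post: a loopback model of local port forwarding with three plain TCP stand-ins for the "3500" listener, the single "2150 -> 22" connection and Server A's port 80. It assumes OS-chosen ports, no encryption, and a constructed one-line channel request in place of the real SSH channel-open message; all function names are hypothetical.

```python
import socket, threading

def pump(src, dst):  # copy bytes src -> dst until src closes, then half-close dst
    while (data := src.recv(4096)):
        dst.sendall(data)
    try:
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass  # peer already gone

def listen():
    s = socket.socket()
    s.bind(("127.0.0.1", 0))  # port 0: the OS picks a free port
    s.listen()
    return s

def server_a(lsock):  # stand-in for the web server on port 80
    conn, _ = lsock.accept()
    conn.recv(4096)
    conn.sendall(b"HTTP/1.0 200 OK\r\n\r\nhello from Server A")
    conn.close()

def ssh_box(lsock, seen):  # stand-in for sshd on port 22
    tunnel, peer = lsock.accept()
    seen["tunnel_source_port"] = peer[1]  # the client's "2150"
    header = b""
    while not header.endswith(b"\n"):  # constructed "open channel to host port" line
        header += tunnel.recv(1)
    host, port = header.decode().split()
    target = socket.create_connection((host, int(port)))  # new TCP connection to Server A
    threading.Thread(target=pump, args=(target, tunnel), daemon=True).start()
    pump(tunnel, target)

def local_forward(tunnel, lsock, target):  # stand-in for PuTTY's listener on "3500"
    browser, _ = lsock.accept()
    tunnel.sendall(f"{target[0]} {target[1]}\n".encode())  # ask the box to reach Server A
    threading.Thread(target=pump, args=(tunnel, browser), daemon=True).start()
    pump(browser, tunnel)  # browser bytes ride inside the existing tunnel connection

def demo():
    web, box, fwd, seen = listen(), listen(), listen(), {}
    threading.Thread(target=server_a, args=(web,), daemon=True).start()
    threading.Thread(target=ssh_box, args=(box, seen), daemon=True).start()
    tunnel = socket.create_connection(box.getsockname())  # the one "2150 -> 22" connection
    threading.Thread(target=local_forward, args=(tunnel, fwd, web.getsockname()), daemon=True).start()
    browser = socket.create_connection(fwd.getsockname())  # browser -> "localhost:3500"
    browser.sendall(b"GET / HTTP/1.0\r\n\r\n")
    reply = b"".join(iter(lambda: browser.recv(4096), b""))
    return reply, tunnel.getsockname()[1], seen["tunnel_source_port"]
```

Calling `demo()` returns the HTTP reply received through the forwarded port, followed by the tunnel's source port as seen by the client and by the SSH Box stand-in.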