{{tag>ssh proxy}}

====== SSH tunnel port forwarding ======
===== Access remote resource running on port 5555 locally on port 5001 =====
  ssh user@example.com -L 5001:localhost:5555

Then type in web browser https://localhost:5001
    
===== Opposite: access local resource on port 3000 over public domain =====
  ssh -R 8083:localhost:3000 user@example.com

Then type in browser "example.com" to see local content on public domain. example.com needs to be proxied by the webserver to 8083 port on server. ''user@example.com'' is just the hostname, you can point any domain to the host where you are connecting with the tunnel.


==== nginx proxy example ====
<code nginx>
server {
        include /etc/nginx/conf.d/ssl-conf;
        server_name example.com;

        access_log /var/log/nginx/$host;


    location / {
        proxy_pass http://localhost:8083;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
    }
}
</code>


SSH keys need to be set up beforehand for both methods.

====== See also ======
  * [[Tunnel Firefox connections through dynamic port]]
====== References ======
  * https://unix.stackexchange.com/questions/115897/whats-ssh-port-forwarding-and-whats-the-difference-between-ssh-local-and-remot