Now if I am not mistaken, an SSH tunnel of port 80 to a web server on port 80 should allow my port 80 to tunnel through that server, correct? However, when I set up a tunnel and access a website, my log still appears to come from my home computer instead of the server's IP. Any ideas why?
I use the following command but all it appears to do is just SSH into the host in the terminal:
ssh root@webserver -L 80:127.0.0.1:80 3 2 Answers
Just tried this and confirmed that it was working:
ssh -ND 8080 Root is required to bind the local port 80 on your machine since it's a reserved port (and 8080 is the common alternate). To forward just your browser traffic you could set Firefox / Chrome / Whatever to use a Socks proxy "localhost" on "8080".
Try it without root, works for me on a webserver that I do not have root access to.
2Once the tunnel is set up (with -L) you need to change the URL you use, e.g. or if the site name must match due to the virtual-hosting set up then you'll need to add that to your desktop hosts file:
127.0.0.1 You could define an alias on the server vhost so that you can use one name for 127.0.0.1 like "test.domain.com", and the real name to go directly, if that's ever going to be useful -- forgetting to remove entries from the hosts file is a good way to cause confusion. Depends on how the site works.
To forward port 80 you only need to be root on the desktop, ''not'' the webserver. I'd strongly suggest not allowing ssh login for root.
Using a non-privileged port may work, again depending on your site:
ssh user@webserver -L 1080:127.0.0.1:80and use the URL .
Using a SOCKS proxy (-D) as suggested may cause some surprises, depending on SOCKS/DNS/firewall/NAT configuration.
(On linux as an alternative to being root for reserved ports you can use POSIX capabilities, see , however this will not work on standard versions of OpenSSH as it has an extra hard-coded check on port numbers, unless compiled with NO_IPPORT_RESERVED_CONCEPT defined. The answers to the linked question have various other solutions to that.)