SSH Tunnels and Forwarding Cheat Sheet

SSH•Permalink

Local, remote, and dynamic SSH forwarding with practical database, web, and bastion tunnel recipes.

View

Standard Detailed Compact

Export

Copy the compact sheet, download it, or print it.

Download

`D` dense toggle · `C` copy all

## Forwarding Basics

Create a local port forward

↗#

ssh -L 5432:db.internal:5432 bastion.example.com

# Forward a local port to a remote host and port.

Create a remote port forward

↗#

ssh -R 8080:localhost:3000 user@example.com

# Expose a local service on the remote host.

Create a SOCKS proxy

↗#

ssh -D 1080 user@example.com

# Open a local SOCKS proxy for browser or CLI traffic.

Run a tunnel in background

↗#

ssh -fN -L 5432:db.internal:5432 bastion.example.com

# Create a tunnel without running a remote shell.

Forward a UNIX socket

↗#

ssh -L /tmp/pg.sock:/var/run/postgresql/.s.PGSQL.5432 user@example.com

# Forward a local UNIX socket to a remote UNIX socket.

Remote forward with gateway ports

↗#

ssh -R 0.0.0.0:8080:localhost:3000 user@example.com

# Allow remote listeners to bind beyond localhost when server policy permits it.

## Tunnel Recipes

PostgreSQL tunnel

↗#

ssh -fN -L 5432:postgres.internal:5432 bastion.example.com

# Access a private PostgreSQL instance through a bastion.

MySQL tunnel

↗#

ssh -fN -L 3306:mysql.internal:3306 bastion.example.com

# Access a private MySQL instance through a bastion.

Tunnel to Kubernetes API

↗#

ssh -fN -L 6443:k8s-api.internal:6443 bastion.example.com

# Access a private API server locally.

Tunnel via jump host

↗#

ssh -J bastion.example.com -L 9200:elastic.internal:9200 user@private.internal

# Create a local forward through a ProxyJump bastion.

Clear configured forwards on command line

↗#

ssh -o ClearAllForwardings=yes user@example.com

# Override config-defined forwards for one invocation.

More in SSH

OpenSSH Server Admin Cheat Sheet

sshd administration, config validation, systemd control, logging, hardening, authorized keys, and certificates.

SCP and SFTP Cheat Sheet

SSH-based file transfer with scp and sftp, including recursive copies, jump hosts, interactive commands, and batch mode.

SSH Keys and Agent Cheat Sheet

SSH key generation, authorized_keys management, ssh-keyscan, host keys, ssh-agent, ssh-add, and certificate basics.

SSH Config Cheat Sheet

Client-side SSH configuration examples for aliases, defaults, patterns, includes, ProxyJump, multiplexing, and effective config inspection.

SSH Cheat Sheet

Comprehensive SSH client commands for login, remote execution, auth, multiplexing, jump hosts, and practical options.

Recommended next

No recommendations yet.

Browse all sheets →