The second case opens an icoming tunnel... I 'try to explain: You have e http server listening on your machine at port 80 but just on localhost (127.0.0.1) you make a ssh -r 80:remotehost:5900 remotehost then, on the remote host, if you telnet localhost 5900 you got your http server ... Hope it was clear enogh cheers On 5/9/08, arguellodw <arguellodw@xxxxxxxxx> wrote: > > Hello all, > I'm having a difficult time understanding the difference between these two > local tunnels. Here is how I see them: > > =========================================================================== > 1) mymachine: $ ssh 5900:localhost:5900 remotehost > ==> I'm sitting in front of a computer called mymachine, and ssh opens port > 5900 for listening on mymachine and ties the other end of it to port 22 of a > computer called remotehost. The ssh server on remote host then forwards > anything it receives at this port from socket:(mymachine's IP, 5900) to > socket:(remotehost IP, 5900). A schematic might go like this -- > > (mymachine's IP, 5900) --> (mymachine's IP, ssh-chosen port) --network--> > (remotehost IP, 22) --> (remotehost IP, 5900) > > 2) mymachine: $ ssh 5900:remotehost:5900 remotehost > ==> I'm in front of a computer called mymachine, and ssh opens port 5900 for > listening on mymachine and ties it to port 5900 on a computer called > remotehost. A schematic might look like this: > > (mymachine's IP, 5900) --network--> (remotehost IP, 22) --> (remotehost IP, > 5900) > =========================================================================== > > I'm pretty sure I have the right idea in the first instance, but I don't > think I'm right on the second one. According to O'Reilly, the two command > lines accomplish the same thing as far as forwarding the port, but there is > a subtle difference in that the source sockets of the connection are > different from the POV of the receiving end (remotehost IP, 22). > > Can somebody put me on the right track to understanding exactly what these > commands accomplish? > Thanks, > Dan Arguello > -- > View this message in context: http://www.nabble.com/What-is-difference-between-%275900%3Alocalhost%3A5900-remotehost%27-and-%275900%3Aremotehost%3A5900-remotehost%27--tp17138548p17138548.html > Sent from the SSH (Secure Shell) mailing list archive at Nabble.com. > >