aren`t you missing -R or -L before 5900:remotehost... ? as far as I know, ssh tunnels are made with these two options. which oreilly book/chapter/section do you refer? Tom Lobato tinecon.com.br arguellodw escreveu: > Hello all, > I'm having a difficult time understanding the difference between these two > local tunnels. Here is how I see them: > > =========================================================================== > 1) mymachine: $ ssh 5900:localhost:5900 remotehost > ==> I'm sitting in front of a computer called mymachine, and ssh opens port > 5900 for listening on mymachine and ties the other end of it to port 22 of a > computer called remotehost. The ssh server on remote host then forwards > anything it receives at this port from socket:(mymachine's IP, 5900) to > socket:(remotehost IP, 5900). A schematic might go like this -- > > (mymachine's IP, 5900) --> (mymachine's IP, ssh-chosen port) --network--> > (remotehost IP, 22) --> (remotehost IP, 5900) > > 2) mymachine: $ ssh 5900:remotehost:5900 remotehost > ==> I'm in front of a computer called mymachine, and ssh opens port 5900 for > listening on mymachine and ties it to port 5900 on a computer called > remotehost. A schematic might look like this: > > (mymachine's IP, 5900) --network--> (remotehost IP, 22) --> (remotehost IP, > 5900) > =========================================================================== > > I'm pretty sure I have the right idea in the first instance, but I don't > think I'm right on the second one. According to O'Reilly, the two command > lines accomplish the same thing as far as forwarding the port, but there is > a subtle difference in that the source sockets of the connection are > different from the POV of the receiving end (remotehost IP, 22). > > Can somebody put me on the right track to understanding exactly what these > commands accomplish? > Thanks, > Dan Arguello
