Home » How To.. » Windows » Tunneling a TCP port thru an SSH tunnel

How do I tunnel TCP port thru an SSH tunnel?

  1. Problem

    Standard FTP/IMAP4/POP3/SMTP are not secure in any fashion-- that is, they are unencrypted protocols and as such all email and password information transmitted via them is viewable by any person or machine between the client and server. Solutions to this, such as FTP/IMAP4/POP3 and SMTP over SSL are available but not yet widely implemented. Also, many sites block connection to sites on various TCP ports outside of their firewall to prevent users from using outside servers.

  2. Solution

    Both above problems can be solved via SSH tunneling. Steps to accomplish this follow.

    1. Make sure you have SSH Secure Shell Client installed. Information on this can be found here and here.
    2. Open SSH Secure Shell and create a connection to your server . Make sure you save it as a connection in profiles.
    3. Once you have your connection up and running, go to Profiles/Edit Profiles and click your profile of choice.
    4. Click the Tunneling tab and then click Add.
    5. Enter a unique name for the tunnel in display name.
    6. Enter the port associated with the protocol you want to set up a tunnel for in Listen Port and Destination Port. A list of ports and associated protocols can be found here. For example, IMAP4 uses port 143, SMTP uses 25, and POP3 uses 110.
    7. If your mail server is the same as the SSH server you are connecting to, leave Destination Host as localhost. If it is different, change Destination Host to your mail server
    8. Click OK. Repeat the process for any addtional protocols.
    9. Click OK again, and then File/Save Settings. Disconnect and Reconnect to your server.
    10. Install/Configure whatever program you are using and set it to connect to localhost. For example, in Outlook Express set Incoming Mail and Outgoing Mail to localhost. Click here to see what this should look like. More information on configuring email clients can be found here.

    NOTE: This procedure can be used to tunnel just about any protocol which uses a standard TCP port. However, to make the connection, the SSH Secure Shell client must be running and connected to your SSH server before your application is run.

  3. Other Useful Information


Questions not covered in this FAQ? Make sure to send them in!

Last Updated: Wednesday, June 25th, 2003 @ 03:00 PM by Jason Hicks

Go Back