Remote port forwarding allows someone to ‘send’ a local port on their machine and essentially map it onto the SSH server. We’ll use an example to both illustrate the commands involved and highlight it’s use.
Alex is an someone who has a FTP server on his work computer that he wants to access from home. The company firewall however only allows port 80 outbound. Using Remote Port Forwarding he can ‘send’ his local port 21 to his computer at home.
Work Computer – Running FTP on port 21 and only allows output port 80.
Home PC – Running a SSH server and configured the day before to listen on port 80. IP is 126.96.36.199.
ssh <server IP> -p <ssh port> -R <server remote port>:127.0.0.1:<local port to send>
ssh firstname.lastname@example.org -p 80 -R 2121:127.0.0.1:21
Now when Alex get’s home, assuming he has left the ssh connection open and not interacted with it, he will be able to access his work FTP server. He would do this by pointing his FTP client to localhost:2121. Note, this is similar to metasploit’s portfwd module. Search for ‘portfwd’ if you wish to read about it.