Local vs Remote SSH port forwarding

When it comes to the art of SSH tunnelling, there are basically two options where to relay a port to.

You can relay a port from a remote server to your local machine with ssh -L, hence called local port forwarding. A very basic use-case is if your remote server has a MySQL database daemon listening on port 3306 and you want to access this daemon from your local computer.

The second option is to make your local port available on a remote server (ssh -R). Remote port forwarding might come in handy if you for example want to make your local web-server available on a port of a public server, so that someone can quickly check what your local web-server provides without having to deploy it somewhere publicly.

It should now be pretty easy to remember: Local and remote port forwarding always refers to where to relay the port to. The SSH command syntax uses the same easy to remember abbreviations: -L (forward to my local machine) and -R (forward to my remote machine).

Mehr bei http://www.everythingcli.org/ssh-tunnelling-for-fun-and-profit-local-vs-remote/

L;DR

Remote MySQL server (remote port 3306) to local machine on local port 5000:

ssh -L 5000:localhost:3306 cytopia@everythingcli.org

Local web-server (local port 80) to remote server on remote port 5000:

ssh -R 5000:localhost:80 cytopia@everythingcli.org