Tunneling
Tunneling settings are configured using the Tunneling page of the Settings dialog. Any changed tunneling settings will take effect the next time you login.
Figure : The Tunneling page of the Settings dialog.
The outgoing and incoming tunnel settings are configured using the
Outgoing and Incoming tabs of the Tunneling page.
Outgoing Tunnel
Outgoing tunnels protect data that your local computer sends from a specified local port to the specified port on the remote host computer. Click the Outgoing tab to edit outgoing tunnel definitions.
The following fields are used to define an outgoing tunnel. These values can be edited by clicking the Add or Edit buttons on the Outgoing page of the Settings dialog.
- Display Name
The name of the tunnel definition. You can use this field to type in a descriptive name that will help you to recognize this tunnel definition later on.
- Type
Select the type of the tunnel from the dropdown list. Valid choices are TCP and FTP.
- Listen Port
This is the number of the port that the tunnel 'listens to', or captures.
- Allow Local Connections Only
Leave a check mark in this box if you allow only local connections to be made. This means that other computers will not be able to use the tunnel created by you. By default, only local connections are allowed. This is the right choice for most situations. You should carefully consider the security implications if you decide to also allow outside connections.
- Destination Host
This field defines the destination host of the tunnel. The default value is localhost
.
Note: The value of localhost
is resolved after the Secure Shell connection has been established - so localhost
will refer to the remote host computer you have connected to.
- Destination Port
The destination port defines what port will be used in the destination end of the tunnel.
Incoming Tunnel
Incoming tunnels protect the data that your local computer is receiving on a specified port from the remote host computer's specified port. Click the Incoming tab to edit incoming tunnel definitions.
The following fields are used to define an incoming tunnel. These values can be edited by clicking the Add or Edit buttons.
- Display Name
The name of the tunnel definition. You can use this field to type in a descriptive name that will help you to recognize this tunnel definition later on.
- Type
Select the type of the tunnel from the dropdown list. Valid choices are TCP and FTP.
- Listen Port
The port that the tunnel 'listens to', or captures from the remote host computer.
- Destination Host
This field defines the destination host of the tunnel. The default value is localhost
.
- Destination Port
The destination port defines what port will be used in the destination end of the tunnel.
Configuring Tunnels
The following buttons are available for configuring outgoing and incoming tunnels.
- Add
Click the Add button to add a tunnel definition.
An Add New Tunnel dialog appears, allowing you to define the
name, type, listen port, destination host,
and destination port of the tunnel. With outgoing
tunnels you can also define if you allow local connections only.
Note that if you are tunneling an FTP connection, you must set the tunnel type as FTP.
- Edit
Select a tunnel definition from the displayed list and click
the Edit button to edit a previously defined
tunnel. An Edit Tunnel dialog appears, allowing
you to edit the name, listen port,
destination host, and destination port of the
outgoing tunnel. With outgoing tunnels you can also define if
you allow local connections only.
- Remove
Select a tunnel definition from the displayed list and click the Remove button to remove a previously defined tunnel. Note that the selected tunnel will be removed immediately, with no confirmation dialog being displayed.
Tunnel X11 connections
The Secure Shell 2 client can securely tunnel X11
connections from the remote host computer to
an X-Windows server running on the local computer.
Check the Tunnel X11 connections check box to enable
secure X11 tunneling.
Note: You must also be running an X emulator such as Exceed or Reflections X on the Windows computer for X11 tunneling to work.
Agent Forwarding
Authentication agent (ssh-agent2
) is a program to automatize the use of authentication private keys. When you use the agent, it will be automatically used for public-key authentication. This way, you only have to type the passphrase of your private key once to the agent. Furthermore, authentication data does not have to be stored on any other machine than the local machine, and authentication passphrases or private keys never go over the network.
Agent forwarding can be enabled or disabled based on the ssh protocol used. Select the check box for any of the options you want to use:
- Enable for SSH2 connections
Agent forwarding can be used for SSH2 connections.
- Enable SSH1 agent forwarding for SSH2 connections
SSH1 agent forwarding can be used for SSH2 connections.
- Enable for SSH1 connections
Agent forwarding can be used for SSH1 connections.
[Contents]
[Index]
[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]
Copyright © 2001 SSH Communications Security Corp
All rights reserved.
Copyright Notice