SSH Communications Security
Index
SSH Home page
Previous Next Up [Contents] [Index]

    Introduction >>
    Configuration >>
        Saving Settings
        Multiple Settings Files
        Loading Settings
        Profile Settings >>
            Connection
            Authentication
            Cipher List
            Colors
            Keyboard
            Keymap Editor
            Tunneling
        Global Settings>>
        Customize
    Connecting >>
    Terminal Window >>
    File Transfer >>
    Toolbar Reference >>
    Menu Reference >>
    Advanced Information >>
    Troubleshooting >>
    Appendices >>

Tunneling

Tunneling settings are configured using the Tunneling page of the Settings dialog. Any changed tunneling settings will take effect the next time you login.


tunneling-page-9.gif
Figure : The Tunneling page of the Settings dialog.

The outgoing and incoming tunnel settings are configured using the Outgoing and Incoming tabs of the Tunneling page.

Outgoing Tunnel

Outgoing tunnels protect data that your local computer sends from a specified local port to the specified port on the remote host computer. Click the Outgoing tab to edit outgoing tunnel definitions.

The following fields are used to define an outgoing tunnel. These values can be edited by clicking the Add or Edit buttons on the Outgoing page of the Settings dialog.

  • Display Name

    The name of the tunnel definition. You can use this field to type in a descriptive name that will help you to recognize this tunnel definition later on.

  • Type

    Select the type of the tunnel from the dropdown list. Valid choices are TCP and FTP.

  • Listen Port

    This is the number of the port that the tunnel 'listens to', or captures.

  • Allow Local Connections Only

    Leave a check mark in this box if you allow only local connections to be made. This means that other computers will not be able to use the tunnel created by you. By default, only local connections are allowed. This is the right choice for most situations. You should carefully consider the security implications if you decide to also allow outside connections.

  • Destination Host

    This field defines the destination host of the tunnel. The default value is localhost.

    Note: The value of localhost is resolved after the Secure Shell connection has been established - so localhost will refer to the remote host computer you have connected to.

  • Destination Port

    The destination port defines what port will be used in the destination end of the tunnel.

Incoming Tunnel

Incoming tunnels protect the data that your local computer is receiving on a specified port from the remote host computer's specified port. Click the Incoming tab to edit incoming tunnel definitions.

The following fields are used to define an incoming tunnel. These values can be edited by clicking the Add or Edit buttons.

  • Display Name

    The name of the tunnel definition. You can use this field to type in a descriptive name that will help you to recognize this tunnel definition later on.

  • Type

    Select the type of the tunnel from the dropdown list. Valid choices are TCP and FTP.

  • Listen Port

    The port that the tunnel 'listens to', or captures from the remote host computer.

  • Destination Host

    This field defines the destination host of the tunnel. The default value is localhost.

  • Destination Port

    The destination port defines what port will be used in the destination end of the tunnel.

Configuring Tunnels

The following buttons are available for configuring outgoing and incoming tunnels.

  • Add

    Click the Add button to add a tunnel definition. An Add New Tunnel dialog appears, allowing you to define the name, type, listen port, destination host, and destination port of the tunnel. With outgoing tunnels you can also define if you allow local connections only.

    Note that if you are tunneling an FTP connection, you must set the tunnel type as FTP.

  • Edit

    Select a tunnel definition from the displayed list and click the Edit button to edit a previously defined tunnel. An Edit Tunnel dialog appears, allowing you to edit the name, listen port, destination host, and destination port of the outgoing tunnel. With outgoing tunnels you can also define if you allow local connections only.

  • Remove

    Select a tunnel definition from the displayed list and click the Remove button to remove a previously defined tunnel. Note that the selected tunnel will be removed immediately, with no confirmation dialog being displayed.

Tunnel X11 connections

The Secure Shell 2 client can securely tunnel X11 connections from the remote host computer to an X-Windows server running on the local computer. Check the Tunnel X11 connections check box to enable secure X11 tunneling.

Note: You must also be running an X emulator such as Exceed or Reflections X on the Windows computer for X11 tunneling to work.

Agent Forwarding

Authentication agent (ssh-agent2) is a program to automatize the use of authentication private keys. When you use the agent, it will be automatically used for public-key authentication. This way, you only have to type the passphrase of your private key once to the agent. Furthermore, authentication data does not have to be stored on any other machine than the local machine, and authentication passphrases or private keys never go over the network.

Agent forwarding can be enabled or disabled based on the ssh protocol used. Select the check box for any of the options you want to use:

  • Enable for SSH2 connections

    Agent forwarding can be used for SSH2 connections.

  • Enable SSH1 agent forwarding for SSH2 connections

    SSH1 agent forwarding can be used for SSH2 connections.

  • Enable for SSH1 connections

    Agent forwarding can be used for SSH1 connections.

Previous Next Up [Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2001 SSH Communications Security Corp
All rights reserved.
Copyright Notice