I just learned the basics of SSH tunneling from googling.
I saw this interesting question: How does reverse SSH tunneling work?
But I still find it a bit confusing, more specifically on the user@host.com part.
So on one of the answers, there are 4 use cases. Here's how I understand them. Please correct me if I'm wrong. For simplicity, I'll assume I'm running the ssh commands on my local machine.
ssh -L 123:localhost:456 user@example.com- This will forward all traffic from port 123 on my local machine to port 456 on example.com. But example.com would see the traffic coming from its own localhost.
ssh -L 123:google.com:456 user@example.com- This will forward all traffic from port 123 on my local machine to port 456 on google.com. After that it will establish an ssh session to example.com. This doesn't make sense to me, why do we need user@example.com in this case?
ssh -R 123:localhost:456 user@example.com- This will establish an ssh session to user@example.com and forward all traffic from port 123 on example.com to port 456 on my local machine. My local machine will then see the traffic as coming from localhost.
ssh -R 123:google.com:456 user@example.com- This will establish an ssh session to user@example.com and forward all traffic from port 123 on example.com to port 456 on google.com. Unlike #2, example.com is used as the remote host.
So my question is: Why do we need user@example.com on #2? And did I get anything wrong?
UPDATE
Ok, I think I get it now. I have misunderstood about the user@example.com part and thought it was optional. It seems the ssh session is being established first, then the port:host:port is evaluated afterwards.
eg: For #2, it would establish the session to example.com first then forward traffic to google.com:456. For #1, it would establish the session to example.com first then forward traffic to localhost:456 (which is the same host)
