7

As the title says, I don't really understand the difference between them. For example, if I connect to a specific server through SSH without tunneling I get the same shell as I get with tunneling.

newbie

2 Answers

6

If you add tunneling to your SSH session, there is an additional data stream created for the tunnel over the same encrypted connection. You can also create more than one tunnel, or not start an interactive session at all (with the -N parameter). So, basically, there is no real difference, just different methods to use the encrypted connection.

Sven
  • So from my understanding, using a regular SSH session without tunneling will connect to the server through the regular SSH port (22), while using SSH tunneling will give me the option to connect to the server through another port. If I'm correct, you can bypass firewalls with SSH tunneling but with a regular SSH connection you can't? – newbie Feb 22 '13 at 18:59
  • Don't make a difference between "regular" and "tunneled" connections, there isn't any. Oversimplified, your "regular" SSH connection isn't much else than a shell ("telnet") session tunneled through an encrypted SSH connection. A lot of things are possible with SSH, including bypassing firewalls, but only if the firewall is configured to allow this, and whether you have a shell with your SSH connection isn't important in the end. – Sven Feb 22 '13 at 19:11
  • I'm very sorry but I still can't understand this. Let's take this scenario: I want to connect to an arbitrary server with the SSH protocol, but a firewall stands between me and the server which blocks the SSH port (22). Now, the only way to establish the connection will be through tunneling (while still using the SSH protocol)? – newbie Feb 22 '13 at 19:20
  • If port 22 is blocked, I can't use SSH at all. Not for a shell session and not to create a tunnel for some other connection, because with SSH everything is going over the same connection and if this connection is blocked, I can't use it. – Sven Feb 22 '13 at 19:29
5

SSH is really a generic secure communication mechanism which can transport arbitrary data over an insecure underlying channel. By default this data is a shell session (i.e. your local terminal is connected to a shell running on the remote system), but there are different types of data which can be transported.

One such type is a stream socket connection (e.g. a TCP connection), which is called tunnelling. The SSH client listens on a TCP port and transports any connections made to that port over the secure channel and exits the connection from the remote system.

By default when you set up a tunnel you still get a shell, i.e. the SSH client is transporting two types of data over the same connection (the tunnel and the shell). You can disable the shell with the -N parameter.

mgorven
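Both answers describe the shell and the tunnel as separate data streams sharing one connection. The following toy model is an added example, not part of either answer and not the SSH wire format: it multiplexes a "shell" channel and a "tunnel" channel over a single carrier socket. The channel ids, the frame layout and every function name are assumptions made for illustration, and there is no encryption.

```python
import socket
import struct
import threading

SHELL, TUNNEL = 0, 1  # hypothetical channel ids for this toy framing


def send_frame(sock, channel, payload):
    # Frame = 1-byte channel id + 2-byte big-endian length + payload.
    sock.sendall(struct.pack("!BH", channel, len(payload)) + payload)


def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("carrier connection closed")
        buf += chunk
    return buf


def recv_frame(sock):
    channel, length = struct.unpack("!BH", recv_exact(sock, 3))
    return channel, recv_exact(sock, length)


def server_side(carrier, frames):
    # Stand-in for the SSH server: demultiplex by channel id, answer on the same channel.
    for _ in range(frames):
        channel, data = recv_frame(carrier)
        if channel == SHELL:
            reply = b"shell> " + data                 # pretend shell output
        else:
            reply = b"forwarded to service: " + data  # pretend onward TCP connection
        send_frame(carrier, channel, reply)


def run_session(messages):
    # socketpair() stands in for the ONE TCP connection to the SSH port.
    client, server = socket.socketpair()
    worker = threading.Thread(target=server_side, args=(server, len(messages)))
    worker.start()
    for channel, payload in messages:
        send_frame(client, channel, payload)
    replies = [recv_frame(client) for _ in messages]
    worker.join()
    client.close()
    server.close()
    return replies


if __name__ == "__main__":
    # Constructed sample traffic: shell and tunnel data interleaved on one carrier.
    for channel, data in run_session([(SHELL, b"uname -a"), (TUNNEL, b"GET / HTTP/1.0")]):
        print(channel, data)
```

Passing only `TUNNEL` messages corresponds to the -N case: the carrier connection is identical, it just carries no shell channel. Nothing in the model works if the carrier itself cannot be established.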