37

I need to create SSH tunnel with PuTTY in Windows, that would do the same as this command in Linux:

ssh -fN -L 2000:SomeIp:2000 myusername@myLinuxBox

I tried many options in PuTTY, including setting source port in GUI to "2000" and destination to "SomeIp:2000". Destination is set to local (as the -L switch suggests).

I successfully login to my SSH box but port forward is not made.

Is this even possible in Windows, so that all the connections made by programs that use this port (2000) will go through this tunnel?

Martin Prikryl
  • 188,800
  • 56
  • 490
  • 992
DixieFlatline
  • 7,895
  • 24
  • 95
  • 147

5 Answers5

32

With the PuTTY suite, you can set up a tunnel either using the PuTTY itself (GUI) or using the command-line tool plink.exe.

With the plink.exe, you use the same arguments as with the OpenSSH ssh, except for the -f, which does not have an equivalent in Windows.

plink.exe -N -L 2000:SomeIp:2000 myusername@myLinuxBox

Reference: Using the command-line connection tool Plink

With the PuTTY, the -L 2000:SomeIp:2000 translates to:

PuTTY tunnel settings

So it's actually, what you claim to have tried. If you have any problems, use the PuTTY event log to investigate:

PuTTY event log

The -N translates to the option "Don't start a shell or command at all".

PuTTY option Don't start a shell or command at all

But it probably does not make sense with a GUI client to enable it, as you get a window anyway, you just cannot do anything with it. See also the PuTTY wish no-terminal-window.

If you are going to use the tunnel to connect with PuTTY to another server, you can actually set up the tunnel as a part of the session settings with use of plink as a proxy, see: PuTTY configuration equivalent to OpenSSH ProxyCommand.

Martin Prikryl
  • 188,800
  • 56
  • 490
  • 992
14

You probably want to use plink.exe instead of the GUI client. The command line syntax is compatible iirc.

Barend
  • 17,296
  • 2
  • 61
  • 80
  • I've tried plink with but it seems ports are not forwarded. How to check if ports are forwarded once you logged in to remote sshbox? – DixieFlatline Feb 12 '11 at 09:22
  • I don't know of any server-side command to view which tunnels have been created by clients. Perhaps someone on serverfault can help you there :-). – Barend Feb 12 '11 at 12:14
  • Regarding the investigation: The local port forwarding rule opens a listening port on the local side only. No forwarding is created (so there's nothing detect on the remote side), until you actually try to connect to the local port. – Martin Prikryl Mar 20 '15 at 14:42
12

Or you can wade through the putty GUI, which also allows this. See Connection > SSH > Tunnels on the left side with the option tree.

enter image description here

user
  • 5,335
  • 7
  • 47
  • 63
user611775
  • 1,323
  • 7
  • 11
  • 1
    I have tried setting many different optins from GUi, but forward is still not working. How can i display all forwards after i login to my sshbox? – DixieFlatline Feb 12 '11 at 09:14
3

The answers above mention two different ways of resolving the problem:

  • using plink
  • using putty GUI

I don't have plink and I can't download the plink.exe file (it is a closely monitored restricted environment) so used a different way to script the solution with a one-line script:

start putty -ssh myusername@myLinuxBox -pw my_pw -L 2000:localhost:2000

Store this in a batch file (file extension ".bat", e.g. "tunnel.bat"). So every time you double-click on this file the command is run and putty creates the ssh tunnel. If you want more tunnels just repeat this part

-L 2000:localhost:2000

by changing the ports accordingly.

Nick
  • 2,924
  • 4
  • 36
  • 43
  • OK, but this does the same what Plink does. – Martin Prikryl Jul 05 '19 at 14:08
  • @MartinPrikryl Sure. However, I can’t install plink as I lack privileges. But I do have putty and would like to script the solution. This is what my answer achieves. – Nick Jul 05 '19 at 14:26
  • 1
    OK, so maybe mention that in your answer. Ntb, Plink does not need any installation, just grab the .exe file. – Martin Prikryl Jul 05 '19 at 14:29
  • @MartinPrikryl Thanks - edits done. Exe downloads are blocked by the firewall so for me this is the only way to script the solution. – Nick Jul 05 '19 at 14:40
2

"Source" port is a port number on the same machine from which you are running putty (eg. open this in your browser: 127.0.0.1:source). "Destination" is your remote port that you want to connect to from your local machine. It started to work after I realized this.

Ivan G.
  • 21
  • 1