SSH Tunneling can be used for different purposes. You can tunnel your HTTP traffic to receive a certain IP address in order to hide your public IP. In other scenarios, SSH tunneling is used to use the Jump-Server concept, for having a single server to access all relevant other servers. Within my own network, I created a second network behind the first. For accessing it, it is required to tunnel through a gateway server; which is somehow the same as tunneling through a dedicated Jump-Server. Within the illustration the data flow is displayed with red lines (2 jumps):
For setting up such a tunnel, you can use any SSH client, such as PuTTY or even a simple terminal.
PuTTY SSH Tunneling
Within PuTTY, you defined the Jump-Server or Gateway-Server within, you would like to go through.
In the given case, the Gateway-Server is ssh.fas-consulting.de via Port 22.
Within Connection / SSH / Tunnels, local tunnels can be configured to the desired destination servers.
In the given example the local ports 18100, 18101 and 18102 are configured to forward the traffic to target.server at Port 22.
By connecting to the Gateway-Server, the local ports will be opened and rout any traffic through the created local ports to the defined target.server and its configured port. Within the illustration above, this creates the first red-line/jump from the user to the Gateway-Server. Afterwards, a second connection can be opened to access the target server through the Gateway-Server (2nd red-line / jump):
Terminal Tunneling
The first jump, which provides the local port to the Gateway-Server, can be established via the following command:
ssh -L 18100:target.server:22 user@gateway -N
Afterwards a connection can be established to the target server (2nd jump):
ssh nexus@localhost:18100
Please keep in mind, that you can chose any local port you like. Port 18100 is just an example. Also keep in mind, that privileged ports (localport lower then 1024) can only be forwarded by root. Another example for this kind of tunneling can be found hat LiNUX Horizon.ro.