Yes, I'm easy to amaze.

OpenSSH tunnels are so cool. I have a database/web app server I have to take care of in Calgary. Since the machine is behind a firewall and only ssh connections are allowed through, I can't connect directly to the web sever to use the web based management interface or for testing. I used to either open a graphical browser over the X11 connection ssh automatically sets up or use a text mode web browser.

It turns out that creating an ssh tunnel is a much better way to do things. I never really figured out what all the fuss was about with ssh tunneling, but I realized today why it's cool.

ssh -L 8300:localhost:80 mch@adams

That command allows me to log into the remote machine (adams is an entry in my /etc/hosts file) while setting up a tunnel. The -L switch tells ssh to listen on port 8300 on my desktop, and when it receives a connection, ssh connects to port 80 on localhost from the point of view of adams (i.e. itself).

This is really nice, since some programs only listen on 127.0.0.1 and not on an external interface, so they are practically firewalled.

Installation and testing of new versions of the web app is so much easier when I can use the browser on my desktop to do it!

AMAZING!