SSH is a fantastic application. If you have SSH access to a server, you can use it as a VPN to access non-public services on the remote machine or any other on the network the remote machine has access to.
The format for an SSH tunnel is this:
$:>ssh user@remoteserver -L your_computer_address:localport:service_host_address:service_port
For instance, to access a protected web server on the host "intranet" by tunneling through "server01" you would run:
$:>sudo ssh metalcoder@server01 -L 127.0.0.1:80:intranet:80
(sudo is required to forward privileged ports, i.e. < 1024)
With SMB and some other services running on you Mac, it's not quite as easy. Your Mac will be "smart" and refuse tunneling things on 127.0.0.1 to remote services if the same service is running locally. It will say:
The server 'localhost' is available on your computer
But, there's a trick.
You can assign a different local address to your loopback device lo0 and tunnel using that:
$:>sudo ifconfig lo0 127.0.0.2 alias up $:>ssh user@remote -L 127.0.0.2:445:smbhost:445
Now you can access the remote SMB host by the address:
Credit where credit is due, I found it here: