Say you have a load a kit on a private network behind a “bridge” PC and you want to be able to connect directly to machines on the private network from your main network, maybe remote debugging etc. SSH can be used to open up ports on the bridge PC which can let machines on the main network “see through” onto your network.
# expose port 8787 on private_machine_1 as port 2000 on the bridge PC # Run the following on the bridge machine ssh -f localhost -g -L 2000:private_machine_1:8787 -N
The -g flag causes the port is opened up on all interfaces not just localhost interface.
Also discovered in my travels is the script ssh-copy-id. This updates a remote machines ~/.ssh/authorized_keys file.
ssh-copy-id -i ~/.ssh/id_rsa.pub firstname.lastname@example.org