How do I configure to secure arbitrary TCP applications with the SSH port forwarding?

The SSH port forwarding is a good method of allowing secure, encrypted connections to traditionally non-encrypted services, such as POP3 for email, NNTP for news, etc. You can easily setup a port forwarding rule from Xshell. Simply put proper information to the Forwarding Rules dialog box.


If you are connecting from local client applications to the remote server application, you should set Xshell to forward the local port to the remote port.

Type(direction): Outgoing
Listen Port: a port on your machine
Remote Host: remote server to connect to
Remote Port: remote port on the remote host


If you are making secure connection to a POP3 server (mail.xyz.com:110) over Xshell, you may set as follows:

Listen Port: 5110
Remote Host: mail.xyz.com
Remote Port: 110


And, on the mail client(MS Outlook), you must setup the mail server and port.

Incoming mail server: localhost
Incoming mail port: 5110


The POP3 client will connect to Xshell at local rather than connecting to the remote mail server directly. Xshell forwards all traffics to the mail server over the secure tunnel and transfers all traffics received from the mail server to the POP3 client.