What is the difference between SSH and SSH Tunneling

If you add tunneling to your SSH session, there is an additional data stream created for the tunnel over the same encrypted connection. You also can create more than one tunnel or don't start an interactive session (with the -N parameter). So, basically, there is no real difference, just different methods to use the encrypted connection.


SSH is really a generic secure communication mechanism which can transport arbitrary data over an insecure underlying channel. By default this data is a shell session (i.e. your local terminal is connected to a shell running on the remote system), but there are different types of data which can be transported.

One such type is a stream socket connection (e.g. a TCP connection), which is called tunnelling. The SSH client listens on a TCP port and transports any connections made to that port over the secure channel and exits the connection from the remote system.

By default when you setup a tunnel you still get a shell, i.e. the SSH client is transporting two types of data over the same connection (the tunnel and the shell). You can disable the shell with the -N parameter.