Quick-Tip: SSH Tunneling Made Easy: Openssh


Source: http://www.revsys.com/writings/quicktips/ssh-tunnel.html

Quick-Tip: SSH Tunneling Made Easy


By Frank Wiles

I was surprised at how long it took me to find a good HOWTO on setting up a simple
SSH tunnel, so I wanted to write up this Quick-Tip.
Using OpenSSH on a Linux/Unix system you can tunnel all of the traffic from your
local box to a remote box that you have an account on.
For example I tunnel all of my outbound E-mail traffic back to my personal server to
avoid having to change SMTP servers, use SMTP-AUTH, etc. when I am behind
firewalls. I find that hotel firewalls, wireless access points, and the other various NATing
devices you end up behind while traveling often do not play nice.
To do this I use the following:
ssh -f user@personal-server.com -L 2000:personal-server.com:25 -N

The -f tells ssh to go into the background just before it executes the command. This is
followed by the username and server you are logging into. The -L 2000:personal-server.com:25
is in the form of -L local-port:host:remote-port. Finally the -N instructs
OpenSSH to not execute a command on the remote system.
This essentially forwards the local port 2000 to port 25 on personal-server.com over the SSH
connection, with the nice benefit of being encrypted. I then simply point my E-mail client to use
localhost:2000 as the SMTP server and we're off to the races.
Another useful feature of port forwarding is for getting around pesky firewall restrictions.
For example, a firewall I was behind recently did not allow outbound Jabber protocol
traffic to talk.google.com. With this command:
ssh -f -L 3000:talk.google.com:5222 home -N

I was able to send my Google Talk traffic encrypted through the firewall back to my
server at home and then out to Google. 'home' here is just an SSH alias to my server at
home. All I had to do was reconfigure my Jabber client to use localhost as the server and
the port 3000 that I had configured.
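
The -L form described above also accepts an optional leading bind address, and an empty or "*" bind address makes the local port reachable from other machines on the network. The following is an added example, not part of the original tip: a small shell check that parses a -L spec and reports whether its listener stays on loopback. The function names describe_forward and valid_port are made up for this illustration, and it assumes GatewayPorts is at its default of "no" and that no bracketed IPv6 addresses are used.

```sh
#!/bin/sh
# Added example, not from the original tip.
# Classifies an OpenSSH -L spec: [bind_address:]port:host:hostport
# Assumptions: GatewayPorts is at its default ("no"); no bracketed IPv6.

valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;   # empty, non-digit, or too long
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Prints "<scope> <local-port> -> <host>:<remote-port>".
# Returns 0 = listener on loopback only, 1 = reachable from other machines,
# 2 = malformed spec.
describe_forward() {
    spec=$1
    old_ifs=$IFS
    IFS=:
    set -f                      # keep a "*" bind address from globbing
    set -- $spec                # split on ":" into positional parameters
    set +f
    IFS=$old_ifs
    case $# in
        3) bind=localhost; lport=$1; host=$2; rport=$3 ;;
        4) bind=$1; lport=$2; host=$3; rport=$4 ;;
        *) echo "invalid $spec"; return 2 ;;
    esac
    if ! valid_port "$lport" || ! valid_port "$rport" || [ -z "$host" ]; then
        echo "invalid $spec"
        return 2
    fi
    case $bind in
        localhost|127.0.0.1) scope=loopback; rc=0 ;;
        *) scope=exposed; rc=1 ;;   # "", "*", or a routable address
    esac
    echo "$scope $lport -> $host:$rport"
    return $rc
}

# The two forwards from the article, then a constructed wildcard bind.
describe_forward 2000:personal-server.com:25 || :
describe_forward 3000:talk.google.com:5222 || :
describe_forward '*:3000:talk.google.com:5222' || :
```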
