TL;DR:
| Remote Port we want forwarded | 11138 |
| Local Port where we want it to be accessible | 11139 |
| Server hosting the service at 11138 | remote.example.com |
ssh -L 11139:localhost:11138 remote.example.com
The good thing about this is that the connection is secured/encrypted by SSH. Sometimes we can have a development server or a service that doesn't support encryption and we need to access it securely. Having the service only listen to local connections doesn't expose it to the internet and with something like the code above, we can access it securely from another computer.
Background: Talking with some graduate friends at Purdue a few months ago this came up. They needed help accessing their research on a remote server securely. This was a quick solution I gave them.