Right, but you're connected to a "known" host you need to keep secure as well. So you have two machines to worry about, right? I also am not one to keep more sshds running than I need to—but I guess the chances of this being exploited are slim. Are they as slim as having your laptop stolen, though? (Genuinely curious—this seems like something you'd want to consider before using something like this.)

But absolutely, it isn't like you've left an open door into your computer.

Is it more likely? That depends on how often you leave your laptop unattended. :)

I, and pretty much every hacker I know, have some machine they can SSH to on the internet, somewhere. The only added risk is exposing your laptop to an attack against the SSH daemon, which involves either weak passwords, weak/unsecured keys, or an SSH server vulnerability. The first two are easily mitigated. The third is incredibly infrequent, and when it does happen, you've got bigger problems to worry about.

Almost all SSH attacks target port 22, not a random high port, so you're unlikely to even see connections to that tunnel in the first place.

Finally, you don't even need to trust the remote machine, since SSH will authenticate the laptop's host key through the tunnel. MITM attacks are possible against SSHv1, but pretty much everyone is on v2 these days.

Those are good points. I appreciate your responses—I definitely don't want to be seen as putting your program down, and I'm genuinely curious about what I was asking.

I suppose the increased risk is small, and probably nothing to worry about. Cheers!