Essentially you are setting up a new secure communications channel, and telling the OS that any connections to port A should really go over the new channel. I forget the syntax for the ssh commandline client, but the various ssh gui clients generally make it easy to setup as well. There are 2 parts to it: the local and remote end. You say for localhost port X, really use port Y which maps to IP & Port Z. I'm saying this badly so here's some example docs:

Onlamp.com, Linux Journal, User written

An example:
workstation uses port 119 for nntp
portforward localhost:9119 for localhost:119 to your.news.server:119