This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
linux:creating_an_ssh_tunnel [2011/03/04 17:15] Joel Dare created |
linux:creating_an_ssh_tunnel [2020/06/01 22:53] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Creating an SSH Tunnel / SSL Proxy ====== | ||
+ | |||
+ | You can use SSH to create a secure "tunnel". Your traffic will be encrypted and sent through the secure tunnel. This has lots of advantages. It will encrypt data transmitted over a public WiFi connection to help prevent spying. It can get around firewall configurations. It can also hide your IP address (using the machine you SSH into instead of your own IP). Because SSH includes a socks proxy, it's very easy to setup. | ||
+ | |||
+ | ===== Open the SSH Connection ===== | ||
+ | |||
+ | First, open an SSH connection to the server you want to filter your traffic through. Here's the command to make the connection. | ||
+ | |||
+ | ssh -D <port> <user>@<host> | ||
+ | | ||
+ | Assuming I want to create a socks proxy at port 8080 on my local machine and I want that traffic filtered through my own user account (joel) on my own domain (joeldare.com), I might run the following command. | ||
+ | |||
+ | ssh -D 8080 joel@joeldare.com | ||
+ | | ||
+ | If I haven't setup keys, SSH will ask for a password and log me into the system normally. It will also setup a SOCKS proxy. Now, I need to configure my browser. | ||
+ | |||
+ | ===== Configure Your Browser ===== | ||
+ | |||
+ | In FireFox, I do the following. | ||
+ | |||
+ | - Select the //Edit//, //Preferences// menu. | ||
+ | - Select the //Advanced// icon then the //Settings// button. | ||
+ | - Select the //Manual proxy configuration// option. | ||
+ | - Enter //localhost// next to //SOCKS Host// and then set the port to //8080//. | ||
+ | - Hit the //OK// button and then close the window. | ||
+ | |||
+ | Now browse the web. Use an IP lookup site (such as http://www.whatismyipaddress.com) to see if you are browsing over the SSH connection. | ||
+ | |||
+ | Note: Make sure you put //localhost// under the //SOCKS Host// and not under //HTTP Proxy//. | ||
+ | |||
+ | ===== Silence; I Kill You ===== | ||
+ | |||
+ | If you don't want to execute a command (such as a shell) you can use the //-N// option in SSH. If you've setup SSH keys for the server you can also use //&// to execute the process in the background. Your new command might look like the following. | ||
+ | |||
+ | SSH -N -D 8080 joel@joeldare.com & | ||