Whenever a connection is made to this port or Unix socket, the connection is forwarded over the secure channel, and a connection is made from the local machine to either an explicit destination specified by host port hostport, or local_socket, or, if no explicit destination was specified, ssh will act as a SOCKS 4/5 proxy and for‐

This works by allocating a socket to listen to either a TCP port or to a Unix socket on the remote side.

Specifies that connections to the given TCP port or Unix socket on the remote (server) host are to be forwarded to the local side.

This works because the -R flag will fall back to a SOCKS4/5 proxy if no destination host is provided.

And the encrypted tunnels aren't too bad for speed either, actually.

You can use -R flag with SOCKS4/5 behavior, this is built-in and it does not require a long command as proposed by

$ ssh -R 1080 noinet

You can make any box talk to any box as long as you have something to bounce a connection off of.

Or if you used "-g", you could just connect the intermediary server directly as a Proxy, but the connection to it wouldn't be encrypted until it made it to the server:

ssh -p 7591 -D 7592

From here, you can point proxy settings for web browsers, or your desktop manager, or network tools to look at 127.0.0.1 on port 7592, and they will all be routed through the proxy.

To open up a SOCKS proxy on this port you could:

ssh -p 7591 -D 7592

Suddenly, you have access to that box on the other side of both firewalls because of the reverse SSH tunnel before on port 7591.

(Note: This is safer, but if you used -g last time you may omit this step)

To get access to SSH on that box you need to connect to the intermediary box again:

ssh -L 7591:127.0.0.1:7590

You can even use it as a SOCKS proxy like how OP mentioned.

You will probably need to set up your local DNS resolver, which will forward the requests to the proxy.
To forward DNS requests, it will be more complicated, because low-level functions in openssh do not respect environmental variables.

Now that you're set up, any time you want access to that network, you can connect to that box regardless of firewall restrictions.

ssh -o ProxyCommand='nc -X 5 -x 127.0.0.1:8088 %h %p' user@host

This setup can be behind a closed port if you want to keep that connection private.

(This of course requires physical access to the box momentarily, but you can leave the connection open)

This would forward your port 22 (127.0.0.1:22) to the box you SSH'd to on port 7590.

Though often you may have access to a server somewhere between your network and the target network, in a case like this "Bouncing" your connection around is a good option.

From the box you can't SSH to directly, you'll need to get it to "Reverse tunnel" a port, which can be done with SSH's -R switch, so, if you wanted to forward your SSH port to another box you could:

ssh -R 7590:127.0.0.1:22

Alternatively, you could open up the port and make it accessible to external hosts on the intermediary box with the "-g" switch.

The SSH trick mentioned above only works if you can SSH into a box with the network you want, the problem is that is not always the case because of firewalls, and other network hurdles.

Something that it sounds like that OP may be interested in would be SSH tunneling arbitrary ports.

Yep! I use this all the time to get US Netflix.

Does a locally-dns-resolved tunnel defeat the purpose? Switched to remote dns, and I'm getting pretty unresponsive results, though.

IMPORTANT EDIT: See puffybaba's comment about remote dns.

You get to watch comedycentral shows during your trip to North Korea

And your ISP can't pin your dirty torrenting to your home (they'll pin it on your remote box, though, so.)

Edit: You usually get much higher DL/UL speeds, I'm not entirely sure why.
Your router doesn't get confused by the connection attempts from torrent peers
You can't be monitored by your access point

You set up Firefox or your torrent client (qBittorrent plays well with SOCKS5) to use socks 5 server 127.0.0.1 (or localhost) port 7654.

ssh -D 7654 333.333.333.333 is the remote address, and 7654 is any local port on your PC.

Here's a quick and dirty replacement, if you have ssh access to another box, using SOCKS 5:

You want to stream regionalised content from another country
You are being monitored (work, library wifi)
You have a dumb router that doesn't play well with torrents

There's times when you could really use a VPN: