Did you ever have a situation where you needed to access a website that had an IP restriction in place? I recently had a situation where I needed to access the web via my university connection (due to IP restrictions placed on accessing databases of research papers). They do not have a VPN setup so it is hard to do this off-campus.
I do however have access to a linux machine on campus. I am familiar with port forwarding using SSH but I had never used it to actually tunnel web traffic using a web browser on Windows. Turns out it is surprisingly easy!
The ssh command to use is:
ssh -C2qTnN -D 8080 username@remote_host
This command sshes to the remote_host, and creates a tunnel on your localhost, port 8080. Note that you need to have private key authentication already set up for this host – it will not work with password authentication.
The description of the switches are (from the ssh man page):
- -C : Compression
- -2 : Use SSHv2
- -q : quiet!
- -T : Disable pseuto-tty allocation
- -n : Prevents reading from stdin (you need to have private key authentication set up, to prevent password authentication)
- -N : Do not execute a remote command (or launch a shell). Just use the ssh process for port forwarding
- -D : Allocate a socket to listen on the local side. When a connection is made to this port it is located to the remote machine. Makes SSH work as a SOCKS server. Only root can forward privileged ports like this.
From here, you set up Firefox or your browser of choice to use a Socks proxy on localhost:8080. The man page says that SOCKS4 and SOCK5 should both work but I had to use SOCKS v4, SOCKS v5 did not seem to work for me.
10 comments
This is very cool, thanks. For a single use, meaning for the one purpose you described above, a slightly simpler redirect is with the -L switch to ssh. That way, you don’t change any Firefox prefs (meaning, no SOCKS). You merely surf to localhost:8080, and the one site you specifically want the remote site to bring up magically comes up. I have used that many times.
This is very cool, thanks. For a single use, meaning for the one purpose you described above, a slightly simpler redirect is with the -L switch to ssh. That way, you don’t change any Firefox prefs (meaning, no SOCKS). You merely surf to localhost:8080, and the one site you specifically want the remote site to bring up magically comes up. I have used that many times.
ok
ok
Don’t forget to set Firefox to use remote DNS as well!
Don’t forget to set Firefox to use remote DNS as well!
Comments are closed.