SSH is a very powerful tool, besides connecting to remote ssh server, execute command remotely and transfer files, it is port forwarding and ssh tunneling. In this example I am going to introduce you how to uses ssh to create a dynamic tunnel that makes your own computer as an internet proxy.
Let say you are currently using PC at school, the internet traffic was filtered, which makes you can access to a particular website. You are very frustrated, because you need to access that particular website. You have setup an ssh server at home and have enable the global port 8332 to forward the traffic to ssh port which is 22. Meaning that you can access ssh server from your school and you can setup a proxy that dynamically forward all ports from your house to a port at your current access school PC. By doing that, you can bypass the web filter at your school because with that you are accessing internet through ssh and through your house internet gateway.
I hope you can understand the illustration above. Okay cut the story short and lets get into the command line.
Your house DNS : myhouse.blogdns.com
Your username : mysurface
Your house ssh server port: 8332
The port that selected to be a proxy: 4445
ssh -p8332 -D4445 -N firstname.lastname@example.org
It will prompt for a password, type your password, it will looks like hanging there without responding. But it means the dynamic tunnel is already setup. All ports from your house is already forwarded to your current access PC with local IP 127.0.0.1 with port 4445.
-N is to not actually login to ssh but hangs there, because your intention is to do port forwarding only. -D indicate dynamic forwarding, to ? your local network port 4445. -p ? your house ssh port.
If you ssh server have default port 22, and you don’t want to put -N, it works too.
ssh -D4445 email@example.com
How to try out whether it works?
Okay, start your firefox(or any web browser), select Edit -> Preferences. At General tab, select “Connection Settings..” Select Manual proxy configuration. ONLY edit Sock v5 entry, the rest must leave it BLANK, put IP as 127.0.0.1 and port as 5554. OK.
Try to acces the web page supposely will be blocked by the school web filter. Done.