ssh dynamic tunneling

October 16th, 2006 mysurface Posted in Admin, ssh | Hits: 60966 | 8 Comments »

SSH is a very powerful tool, besides connecting to remote ssh server, execute command remotely and transfer files, it is port forwarding and ssh tunneling. In this example I am going to introduce you how to uses ssh to create a dynamic tunnel that makes your own computer as an internet proxy.

Let say you are currently using PC at school, the internet traffic was filtered, which makes you can access to a particular website. You are very frustrated, because you need to access that particular website. You have setup an ssh server at home and have enable the global port 8332 to forward the traffic to ssh port which is 22. Meaning that you can access ssh server from your school and you can setup a proxy that dynamically forward all ports from your house to a port at your current access school PC. By doing that, you can bypass the web filter at your school because with that you are accessing internet through ssh and through your house internet gateway.

I hope you can understand the illustration above. Okay cut the story short and lets get into the command line.
Assumption:
Your house DNS : myhouse.blogdns.com
Your username : mysurface
Your house ssh server port: 8332
The port that selected to be a proxy: 4445

ssh -p8332 -D4445 -N mysurface@myhouse.blogdns.com

It will prompt for a password, type your password, it will looks like hanging there without responding. But it means the dynamic tunnel is already setup. All ports from your house is already forwarded to your current access PC with local IP 127.0.0.1 with port 4445.

-N is to not actually login to ssh but hangs there, because your intention is to do port forwarding only. -D indicate dynamic forwarding, to ? your local network port 4445. -p ? your house ssh port.

If you ssh server have default port 22, and you don’t want to put -N, it works too.

ssh -D4445 mysurface@myhouse.blogdns.com

How to try out whether it works?
Okay, start your firefox(or any web browser), select Edit -> Preferences. At General tab, select “Connection Settings..” Select Manual proxy configuration. ONLY edit Sock v5 entry, the rest must leave it BLANK, put IP as 127.0.0.1 and port as 5554. OK.

Try to acces the web page supposely will be blocked by the school web filter. Done.

8 Responses to “ssh dynamic tunneling”

  1. [...] I remember I do post an example of how to do a dynamic tunnelling through ssh. [...]

  2. put IP as 127.0.0.1 and port as 5554.
    ———
    You sure you didn’t mean the port to be 4445?

  3. Hi
    i have’nt app for conect https port on iphone !
    Please help me i very need this app for iphone !

  4. [...] la red hay varios manuales dando vueltas, tal como es de esperarse. Incluso hay una gui. De hecho más que varios manuales hay muchos. El [...]

  5. I was wanting to know if you ever considered switching the design of your site? Its well written; I really like what youve got to say. But maybe you could add a little more in the way of written content so people could connect to it better. You have got an awful lot of wording for only having one or two photographs. Maybe you could space it out better?

  6. Discover who is spying on your E-mail account, computer or personal files.

  7. I do accept as true with all of the ideas you’ve presented for your post.
    They are really convincing and will definitely work.
    Nonetheless, the posts are very short for beginners. May just you please extend them a little from next time?
    Thanks for the post.

  8. Asking questions are really nice thing if you are not understanding anything completely, but this article presents
    pleasant understanding even.

Leave a Reply