![]() ![]() Or if you used "-g", you could just connect the intermediary server directly as a Proxy, but the connection to it wouldn't be encrypted until it made it to the server: ssh -p 7591 -D 7592įrom here, you can point proxy settings for web browsers, or your desktop manager, or network tools to look at 127.0.0.1 on port 7592, and they will all be routed through the proxy. To open up a SOCKS proxy on this port you could: ssh -p 7591 -D 7592 Suddenly, you have access to that box on the other side of both firewalls because of the reverse SSH tunnel before on port 7591. ( Note: This is safer, but if you used -g last time you may omit this step) To get access to SSH on that box you need to connect to the intermediary box again: ssh -L 7591:127.0.0.1:7590 You can even use it as a SOCKS proxy like how OP mentioned. Now that you're set up, any time you want access to that network, you can connect to that box regardless of firewall restrictions. This setup can be behind a closed port if you want to keep that connection private. (This of course requires physical access to the box momentarily, but you can leave the connection open) This would forward your port 22 (127.0.0.1:22) to the box you SSH'd to on port 7590. Though often you may have access to a server somewhere between your network and the target network, in a case like this "Bouncing" your connection around is a good option.įrom the box you can't SSH to directly, you'll need to get it to "Reverse tunnel" a port, which can be done with SSH's -R switch, so, if you wanted to forward your SSH port to another box you could: ssh -R 7590:127.0.0.1:22Īlternatively, you could open up the port and make it accessible to external hosts on the intermediary box with the "-g" switch. The SSH trick mentioned above only works if you can SSH into a box with the network you want, the problem is that is not always the case because of firewalls, and other network hurdles. Something that it sounds like that OP may be interested in would be SSH tunneling arbitrary ports. Yep! I use this all the time to get US Netflix. Does a locally-dns-resolved tunnel defeat the purpose? ![]() Switched to remote dns, and I'm getting pretty unresponsive results, though. IMPORTANT EDIT: See puffybaba's comment about remote dns. You get to watch comedycentral shows during your trip to North KoreaĪnd your ISP can't pin your dirty torrenting to your home (they'll pin it on your remote box, though, so.)Įdit: You usually get much higher DL/UL speeds, I'm not entirely sure why. Your router doesn't get confused by the connection attempts from torrent peers You can't be monitored by your access point You setup Firefox or your torrent client (qBittorrent plays well with SOCKS5) to use socks 5 server 127.0.0.1 (or localhost) port 7654. Ssh -D 7654 333.333.333.333 is the remote address, and 7654 is any local port on your PC. Here's a quick and dirty replacement, if you have ssh access to another box, using SOCKS 5: You want to stream regionalised content from another country You are being monitored (work, library wifi) You have a dumb router that doesn't play well with torrents The general connection scheme is shown below.There's times when you could really use a VPN: In this example, we will create a local Port 8888, and the connection to it will be forwarded to the RDP port 3389 on a remote Windows computer. All connections to this port are forwarded to the specified port on a remote server via the SSH tunnel. In this mode, you create a local TCP port on your computer. RDP Access Through SSH Tunnel (Local TCP Forwarding)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |