PDA

View Full Version : SSH Tunneling



decoy4000
7th April 2008, 03:32 PM
I am behind a surf-control proxy server that blocks everything that is remotely NON-WORK related. Even Webcasts from reputable sites.

On the standard Windows supply system they gave me I can tunnel over SSH using Putty into my linux box at home, this gives me access to my mail server I run on it and also access to some of the blocked sites we have here in the office.

I am now working on project to see how we can integrate Apple Macs into our corporate environment.
With this I received permission to connect my MacBook to the network.

My problem:

I cannot get the same SSH Tunnel to work on the Mac. I have set the proxy settings under a new Network Location Called work and can access the internet.
My router at home is set to forward SSH requests from Port 443 to port 22 on the Linux box running SSHD.

I found a handful of gui apps that makes the setting up of these tunnels very easy, but all of them time out and don't seem to do anything.
If I try the command line, the host is not found.

Would the command line go to the proxy to access outside host names?

thanks

Huy
7th April 2008, 03:35 PM
I have no problems tunneling via Terminal.

ssh -l <username> -L <local port>:<proxy>:<proxy port> <server>

Then set your browser/whatever to use localhost:<local port>

Works for me. :)

decryption
7th April 2008, 03:36 PM
I use the command "ssh -D 1081 (servername)", this connects to the server on port 22 that I want to access the internet with.

Then set your proxy in your web browser to be localhost running on port 1081, that means all requests for www in that browser will go out via port 1081 to your server.

iPirate
7th April 2008, 06:26 PM
To connect: ssh -P <portnumber> <userlogin>@<server>

In your case: ssh -P 443 username@homeRouter

Add the other -L or -D flags (-L for proxy server with http, https, ftp, etc, -D for SOCKS proxy) for the actual internet forwarding.

Hope that helped.

decoy4000
7th April 2008, 07:04 PM
Thanks... I will try these settings locally tonight, and then confirm tomorrow when I get back into the office.

avolve
7th April 2008, 07:43 PM
anyone able to offer a link to a layman's guide to ssh tunneling (wifi with a proxy server)??

decoy4000
8th April 2008, 08:25 AM
The command iPirate suggested worked when directly connected to the internet.
But now that I am back in the office and have to connect via the proxy I cannot resolve the host name??

Any ideas, it seems like the CLI cannot access the internet via the proxy settings under network locations.

themacuser
8th April 2008, 09:43 AM
The command iPirate suggested worked when directly connected to the internet.
But now that I am back in the office and have to connect via the proxy I cannot resolve the host name??

Any ideas, it seems like the CLI cannot access the internet via the proxy settings under network locations.

You need to install corkscrew (corkscrew (http://www.agroman.net/corkscrew/)) and add:

-o "ProxyCommand /path/to/corkscrew proxy.example.com 8080 %h %p /path/to/password/file" to your commandline.

The password file simply has your username/password in it like this:

username:password

decoy4000
8th April 2008, 10:34 AM
Any other compiled alternatives?