It is quiet interesting to learn something about the –D argument of OpenSSH. When you have been stuck on an “untrusted” Internet connection and need to log in (insecurely) to a certain site, you need this. For example, you connect to the Internet using a public hotspot and willing to visit a website with no way of logging in via HTTPS.
For the past few years, I’ve had this plan to get VPN. I know a way to establish a VPN tunnel using SSH. However, that involves a lot of configuration. I was already aware of OpenSSH’s –L option which simply forwards a local port through an SSH tunnel to a port on the remote machine. Very handy when you want to connect surely to a port on the remote machine. Very handy when you want to connect surely to a site hosted on that server and happen to have a shell account on it. But to do much more than that ranges from the complex to impossible. This is where –D comes in. The –D argument tells OpenSSH to be a SOCKS proxy. So you simply log in to the endpoint via SSH with the –D argument like:
ssh -D 1234 user@host.example.com
And then tell your web browser to use a SOCKS v5 proxy on localhost at the specified port and bingo, you have a secure connection to your endpoint. In fact, any application with SOCKS support can have its traffic routed through the SSH tunnel via SOCKS.
Some nice tips from this following article:
OpenSSH: The Poor Man's SOCKS Proxy
No comments:
Post a Comment