Tunneling network connections through SSH

Sometimes you may want to tunnel your connections through a secure SSH connection, because you want the traffic to be encrypted, because of any restrictive access rule in your firewall, or any other reason.
I assume you have a regular account in a machine running an OpenSSH server, an OpenSSH client installed in your machine, and you’re running Linux.
What you have to do is to bounce all network connections through a SOCKS4 / SOCKS5 local proxy created by the SSH connection, that can be done using the -D option on the OpenSSH client call, in conjunction with the tsocks library. tsocks is basically a library which intercepts network connections from any application, and redirects them through a SOCKS server, if you’re using Ubuntu there’s also a script with the same name which wraps it, allowing you to enable and disable the connection forwarding.

At first you’ll need to configure the SOCKS server and port in the tsocks configuration file, for that edit the file /etc/tsocks.conf and set the following options:

server = 127.0.0.1
server_port = 1080

Then, do the SSH connection:

user@host$ ssh -NfD 1080 user@remote

The “D” will create the local SOCKS proxy, binding it to the give port (1080 is the default one), the “f” tells the client to execute in the background after logging in and executing the command, and the “N” tells the client to not execute any command. So, it’ll just create the SOCKS server and go to background.

After that, just run the tsocks command (man tsocks for more information)

user@host$ tsocks

Now every connection done by every application you run in this shell session will be redirected through the SOCKS server, and will be done by the remote server.

Hope it helps someone! :)

Advertisements
  1. June 6th, 2011
    Trackback from : Snore Mouthpiece
  2. March 31st, 2012

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: