DeskTux

Linux on Desktops

User Tools

Site Tools

Trace:
misc:ssh_tunneling

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
misc:ssh_tunneling [2016-02-16 14:32] – external edit 127.0.0.1misc:ssh_tunneling [2023-06-12 17:35] (current) – Added Socks Proxy tunneling jens
Line 1: Line 1:
 ====== SSH tunneling ====== ====== SSH tunneling ======
- 
 Sometimes you might be elsewhere, but need to log in to a system on your network via e.g. VNC or RDP. You don't have a VPN at hand, the firewall of course doesn't allow VNC or RDP and you are in desperate need of that connection. Sometimes you might be elsewhere, but need to log in to a system on your network via e.g. VNC or RDP. You don't have a VPN at hand, the firewall of course doesn't allow VNC or RDP and you are in desperate need of that connection.
  
Line 8: Line 7:
   ssh -C -N -L <local port>:<remote machine to connect to>:<remote port> <ssh-server>   ssh -C -N -L <local port>:<remote machine to connect to>:<remote port> <ssh-server>
 Afterwards, connect to ''localhost:<local port>'' and you are done! Afterwards, connect to ''localhost:<local port>'' and you are done!
 +
 +Note that it will seem as if your SSH connection hangs because no login will happen. That is normal, as soon as you <Control> + <c> the SSH it will also kill the tunnel.
  
 ===== Examples ===== ===== Examples =====
Line 29: Line 30:
 Then, connect your RDP viewer to localhost and you "get the picture": Then, connect your RDP viewer to localhost and you "get the picture":
   rdesktop localhost   rdesktop localhost
 +  
 +==== Website ====
 +There might be a situation when you want to tunnel a whole website through an SSH connection running to another host. For example, if you do not trust VPN providers (which you maybe shouldn't) but still want to circumvent certain geolocation issues.
 +
 +Websites can be tricky though because of heavy third-party integrations nowadays, so the easiest way to do that is to create a SOCKSv5 proxy and use that in your browser.
 +
 +To start the proxy, run this SSH command:
 +  ssh -C -N -D 8080 <remote machine to connect to>
 +
 +Afterwards, use ''localhost'' and port 8080 as the SOCKSv5 proxy in your browser. Please refer to your browsers manual where and how to set a Proxy, I find it easiest in Firefox:
 +
 +Menu -> Settings -> General -> Network Settings -> Settings -> Manual Proxy Configuration
  
 ===== SSH Options ===== ===== SSH Options =====
 These SSH options are used: These SSH options are used:
 ^ -C | Use compression\\ Don't use this option on slow machines! | ^ -C | Use compression\\ Don't use this option on slow machines! |
 +^ -D | Create a local SOCKS port                                 |
 ^ -N | Don't execute a remote command (no login prompt)          | ^ -N | Don't execute a remote command (no login prompt)          |
 ^ -L | Use port forwarding (tunneling)                           | ^ -L | Use port forwarding (tunneling)                           |
  
 For more information please see ''man ssh''. For more information please see ''man ssh''.
misc/ssh_tunneling.txt · Last modified: 2023-06-12 17:35 by jens