[ale] ssh -D : the Coolest ssh trick yet.

Robert L. Harris Robert.L.Harris at rdlg.net
Thu Mar 20 09:19:33 EST 2003



WAIT!!!!  Useful Linux related information that's not blatanltly WAY off
topic or politically motivated on the ALE list?????  MY GOD what is
going on!!!!


On a more serious note, great info, it's been archived :>

Thanks,
  Robert

Thus spake David Bronson (dbron at roman.net):

> Thanks John (and Jason),
> 
> I use ssh daily but I haven't used the -D switch. You both should get an
> Ale gift certificate or something valuable like that.
> 
> On Thu, Mar 20, 2003 at 09:08:29AM -0500, John Wells wrote:
> > In response to a question of mine awhile back, Jason Day pointed out the
> > -D flag to ssh, which allows ssh to function as a Socks v4 proxy.
> > 
> > Just wanted to forward this to the group, in case anyone missed it.  It
> > has to be the coolest trick I've learned this year.  It essentially
> > allows you to bypass any firewall or web filtering software (at least
> > for those applications that support Socks v4 proxies).
> > 
> > So, for two years now I've been unable to do certain things from work
> > because they required access via a web brower to uncommon port numbers
> > (6801, etc.) that are blocked by our company's firewall.  I've also been
> > wary that Big Brother watches everything I do online here at work.  Not
> > that I do anything like surf for pr0n or anything like that, but it's
> > just that unsettling feeling of being watched.
> > 
> > Anyway, ssh -D ends all that trouble.
> > 
> > Here's how you do it:
> > 
> > First, you have to have a box outside the firewall that you're able to
> > ssh into.  I have a home mail server on my DSL connection, and that
> > works just fine.  Second, your company's firewall has to allow ssh
> > through (ours does, fortunately).
> > 
> > So, it's as simple as connecting to your home machine using the -D flag,
> > followed by a port number that's not in use on your local machine.
> > 
> > ssh -D 5555 mylogin at my.homemachine.org
> > 
> > Once you're logged in, point whatever application you want to run
> > through the proxy to localhost:5555.  For mozilla, go to
> > Edit->Preferences->Advanced->Proxies.  Choose "Manual proxy
> > configuration".  In the SOCKS HOST: box, put 127.0.0.1, and in the Port
> > box to the right put 5555 (or whatever port you used).  Also, select the
> > SOCKS v4 radio button below these boxes.
> > 
> > Ok out of the Preferences dialog, and there you go.  Secure web surfing
> > from your company's LAN.
> > 
> > Make sure you don't close the terminal that's logged into your home
> > machine while you're using this feature.
> > 
> > Thanks to Jason for pointing this out.
> > 
> > John
> > 
> > 
> > 
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
> 
> -- 
> David Bronson
> Network Administrator
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale

:wq!
---------------------------------------------------------------------------
Robert L. Harris                     | PGP Key ID: E344DA3B
                                         @ x-hkp://pgp.mit.edu 
DISCLAIMER:
      These are MY OPINIONS ALONE.  I speak for no-one else.

Diagnosis: witzelsucht  	

IPv6 = robert at ipv6.rdlg.net	http://ipv6.rdlg.net
IPv4 = robert at mail.rdlg.net	http://www.rdlg.net

 PGP signature




More information about the Ale mailing list