You are not logged in.

Pages: 1

#1 2012-04-26 23:17:04

AncientPC
Member
Registered: 2012-02-11
Posts: 52

[SOLVED] How to tunnel HTTP over SSH via SOCKS?

This should be a simple issue to solve, but for some reason it's not working for me.

`ssh vps` works just fine (I use authentication keys)

I set up the tunnel with the command:

ssh -C2TNv -D 8080 vps

I then modify Firefox network settings:

manual config

  • http proxy: localhost, port: 8080

  • use this proxy server for all protocols

  • SOCKS v5

about:config

  • network.proxy.socks_remote_dns: true

Terminal output:

    $ ssh -C2TNv -D 8080 vps
    OpenSSH_6.0p1, OpenSSL 1.0.1a 19 Apr 2012
    debug1: Reading configuration data /home/ting/.ssh/config
    debug1: /home/ting/.ssh/config line 47: Applying options for vps
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Connecting to vps.server.com [1.1.1.1] port 22.
    debug1: Connection established.
    debug1: identity file /home/ting/.ssh/id_rsa type 1
    debug1: identity file /home/ting/.ssh/id_rsa-cert type -1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6+squeeze1
    debug1: match: OpenSSH_5.5p1 Debian-6+squeeze1 pat OpenSSH_5*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_6.0
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-ctr hmac-md5 zlib@openssh.com
    debug1: kex: client->server aes128-ctr hmac-md5 zlib@openssh.com
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Server host key: RSA <removed>
    debug1: Host 'vps.server.com' is known and matches the RSA host key.
    debug1: Found key in /home/ting/.ssh/known_hosts:10
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: Roaming not allowed by server
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Offering RSA public key: /home/ting/.ssh/id_rsa
    debug1: Server accepts key: pkalg ssh-rsa blen 279
    debug1: Enabling compression at level 6.
    debug1: Authentication succeeded (publickey).
    Authenticated to vps.server.com ([1.1.1.1]:22).
    debug1: Local connections to LOCALHOST:8080 forwarded to remote address socks:0
    debug1: Local forwarding listening on ::1 port 8080.
    debug1: channel 0: new [port listener]
    debug1: Local forwarding listening on 127.0.0.1 port 8080.
    debug1: channel 1: new [port listener]
    debug1: Requesting no-more-sessions@openssh.com
    debug1: Entering interactive session.

I then try visiting a site using Firefox, SSH output:

    debug1: Connection to port 8080 forwarding to socks port 0 requested.
    debug1: channel 2: new [dynamic-tcpip]
    debug1: channel 2: free: dynamic-tcpip, nchannels 3
    debug1: Connection to port 8080 forwarding to socks port 0 requested.
    debug1: channel 2: new [dynamic-tcpip]
    debug1: channel 2: free: dynamic-tcpip, nchannels 3

Despite the proxy seemingly working, visiting any site with Firefox just returns with the error "The connection was reset".

Last edited by AncientPC (2012-04-27 06:47:39)

Offline

#2 2012-04-27 06:02:58

Gcool
Member
Registered: 2011-08-16
Posts: 1,456

Re: [SOLVED] How to tunnel HTTP over SSH via SOCKS?

Try specifying where it needs to listen. So for example:

ssh -C2TNv -D 0.0.0.0:8080 vps

Or an alternative way with the using the -L option

ssh -C2TNvg -L 8080:localhost:8080 vps

Last edited by Gcool (2012-04-27 06:37:38)

Burninate!

Offline

#3 2012-04-27 06:47:10

AncientPC
Member
Registered: 2012-02-11
Posts: 52

Re: [SOLVED] How to tunnel HTTP over SSH via SOCKS?

I eventually figured it out from here:
http://superuser.com/questions/417397/h … -via-socks

It turns out my Firefox settings were wrong, only SOCKS Proxy needed to be filled in.

For future reference, you can test your SSH tunnel by using:

curl --socks5 127.0.0.1:8080 http://blah
curl --proxy 127.0.0.1:8080 http://blah

Offline

Pages: 1

Board footer

Powered by FluxBB