You are not logged in.
- Topics: Active | Unanswered
#1 2008-01-05 09:22:20
- Shagbag
- Member
- Registered: 2006-10-25
- Posts: 259
OpenSSH local port forwarding question
I don't know a lot about port forwarding and what I've read has confused me a little.
Can I use local port forwarding on my laptop to encrypt a connection to my home server (it has a fixed IP address) and then use the server's port 80 to browse the internet? In other words, if I'm sitting in Starbucks using their free WiFi can I browse 'anonymously' by effectively browsing through my home server's connection?
I already know that I can connect remotely to my server and forward its port 80 to my local laptop and then point the laptop's Firefox so that I can access my home ADSL modem/router/gateway by the following command:
ssh -L 8000:my.serverfixedIPaddress.net:80 user@my.serverfixedIPaddress.net
and then put
http://localhost:8000/
in Firefox's navigation bar.
But how can I browse the web in this way, if at all?
Last edited by Shagbag (2008-01-05 09:25:38)
Offline
#2 2008-01-05 09:37:45
- Allan
- Pacman
- From: Brisbane, AU
- Registered: 2007-06-09
- Posts: 11,400
- Website
Re: OpenSSH local port forwarding question
I use "ssh -D 7777 user@server" then set Firefox to use a proxy of 127.0.0.1:7777. Can't remember if you only need to set the socks host or all hosts using that info.
Offline
#3 2008-01-05 19:10:28
- underpenguin
- Member
- Registered: 2007-02-01
- Posts: 116
Re: OpenSSH local port forwarding question
that will only work if you have a proxy server listening at 'server', though, right?
also, ShagBag look up 'ssh tunneling"
Offline
#4 2008-01-05 21:20:49
- Shagbag
- Member
- Registered: 2006-10-25
- Posts: 259
Re: OpenSSH local port forwarding question
Thanks for the responses. I've read lots of stuff on ssh port forwarding (local and remote), X11 forwarding, tunnelling, etc. and my brain is getting confused. I hadn't heard of proxy web servers so I think I need to take Allan's post and do some more research 
Offline
#5 2008-01-05 21:27:41
- Bebo
- Member
- From: Göteborg, Sweden
- Registered: 2006-06-07
- Posts: 207
Re: OpenSSH local port forwarding question
ssh -D <port> <user>@<host> works without a proxy on <host>. And 127.0.0.1:<port> should be set in the SOCKS host field in firefox.
EDIT: I don't know whether the DNS requests are sent through the proxy or from the client you're sitting on. Worth a check, or if someone here knows that?
Last edited by Bebo (2008-01-05 21:30:23)
Offline
#6 2008-01-06 12:43:51
- gothmog.todi
- Member
- From: Austria
- Registered: 2007-07-18
- Posts: 120
Re: OpenSSH local port forwarding question
I know it is not what you asked, but you could use tor for anonymous surfing:
http://wiki.archlinux.org/index.php/Tor
Last edited by gothmog.todi (2008-01-06 12:44:10)
Offline
#7 2008-01-07 03:41:47
- big_gie
- Member
- Registered: 2005-01-19
- Posts: 637
Re: OpenSSH local port forwarding question
Hi gothmog.todi, I'm doing exactly what you want to do.
Wherever I access a wireless connection, I ssh to my server so my we traffic is encrypted. Here is what I did:
1) You first need to install a web proxy on your server. I use Squid on my debian server. It's quite simple... Just read /etc/squid/squid.conf
2) You then connect via ssh to your server with local port forwarding with something like that:
ssh YourServerIP -p YourServerPort -L 3128 localhost:3128 -C"-C" is for compression (man ssh). 3128 is the default Squid port.
3) Set up firefox to use the proxy server "localhost" with port 3128. I suggest using SwitchProxy so you can easily swith from using this proxy to another one (or none)
For complete anonymity, you might want to check privoxy. But if your goal is only to encrypt your web traffic so nobody could sniff your bank account password, you don't need privoxy.
Good luck!
Offline