LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-12-2008, 02:40 PM   #1
TehDooMCat
LQ Newbie
 
Registered: Apr 2007
Posts: 12

Rep: Reputation: 0
Question SSH Tunnelingl through a HTTP proxy?


At my college all the network connections have to be put through their squid proxy, as they filter things out like games websites etc. - they have to do it or they lose their 'educational discount'.

However, there's nothing wrong, according to their ISP's TOS, with setting up encrypted connections between computers on the network and others on the internet, and doing whatever the hell you want with it. A few members of staff want me to figure out how to for them.

So I'd like to set up a SSH tunnel from my laptop, through the college's network and proxy, to my desktop running OpenSSH at home, to get unfiltered access to the internet.

The way to setup a tunnel is to use the ssh command to bind a local port to a remote machine, right? So could I theoretically bind port 8080, the port I connect to the proxy on at college, to port 80 on my home PC's IP? Or would it try to connect to the proxy using the tunnel instead of vice-versa?

I will endeavor to try this tomorrow, but it'd be nice to know if I'm going down the right route or not - to make sure I've understood the idea of SSH tunnelling correctly.

EDIT: More trawling through google indicates that I can bind another local port to my remote PC, using corkscrew to tunnel through the proxy, and use this other local port as my proxy. I shall try this

Last edited by TehDooMCat; 10-12-2008 at 02:52 PM.
 
Old 10-12-2008, 03:11 PM   #2
utanja
Member
 
Registered: Apr 2004
Location: Europe:Salzburg Austria USA:Orlando,Florida;
Distribution: Debian
Posts: 643

Rep: Reputation: 32
Quote:
Originally Posted by TehDooMCat View Post
At my college all the network connections have to be put through their squid proxy, as they filter things out like games websites etc. - they have to do it or they lose their 'educational discount'.

However, there's nothing wrong, according to their ISP's TOS, with setting up encrypted connections between computers on the network and others on the internet, and doing whatever the hell you want with it. A few members of staff want me to figure out how to for them.

So I'd like to set up a SSH tunnel from my laptop, through the college's network and proxy, to my desktop running OpenSSH at home, to get unfiltered access to the internet.

The way to setup a tunnel is to use the ssh command to bind a local port to a remote machine, right? So could I theoretically bind port 8080, the port I connect to the proxy on at college, to port 80 on my home PC's IP? Or would it try to connect to the proxy using the tunnel instead of vice-versa?

I will endeavor to try this tomorrow, but it'd be nice to know if I'm going down the right route or not - to make sure I've understood the idea of SSH tunnelling correctly.

EDIT: More trawling through google indicates that I can bind another local port to my remote PC, using corkscrew to tunnel through the proxy, and use this other local port as my proxy. I shall try this
see

http://www.nomachine.com

I use this and tunnel without any problems...and the speed is very good...

 
Old 10-12-2008, 03:17 PM   #3
blackhole54
Senior Member
 
Registered: Mar 2006
Posts: 1,896

Rep: Reputation: 61
You have two issues. One trivial, the other perhaps not.

The (potentially) non-trivial one is you must set up an ssh connection to your server at home. The trivial one is you must then tunnel stuff across the connection.

Let me deal with the trivial one first. One possibility is to connect a local port on your your laptop to a local port on your home server using ssh's -L option. This would be useful if, for example, you had your own proxy listening on that port on your server. If you aren't running you own proxy, rather than use the -L option, you probably want to use the -D option. For example

Code:
ssh -D localhost:8888 <whatever it takes to get the connection>
This will have the effect of turning the ssh connection into a socks proxy listening on localhost:8888. So if you set your browser to use this socks proxy, you should get internet access via your home server. Note that this is a SOCKS proxy, not an http proxy like I believe you are currently using. (But it is probably set up through the same dialog box.)

Now for the (potentially) difficult part, getting the ssh connection in the first place. I understand your university is blocking (or redirecting) port 80 to force you through squid. The question is whether they are blocking the other ports as well. If not, then getting the connection is easy as I have outline in this post. Do pay attention to security before having an ssh server listen on the Internet; dictionary attacks are common on port 22.

If your university is blocking ports such that you can't do this, then your only option is to actually tunnel ssh through what looks like a valid http or https site to squid. I believe I have read of ways to do this but I can't help you off the top of my head. Try doing an Internet search for the info. Since the ISP explicitly allows tunnels, hopefully you can do a direct connection and don't need to resort to this.

I will reiterate what I posted on the other thread: it is your responsibility to conform to whatever network usage policies that your university has published. I am mereley providing some technical details.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH via HTTP Authenticated Proxy wag2639 Linux - Networking 3 03-26-2008 12:10 AM
NX (SSH) over http proxy 1N4148 Linux - Networking 10 10-22-2007 09:15 PM
Proxy tunneling SSH over HTTP Gibsonist Linux - Networking 0 12-05-2005 04:43 AM
Connect to ssh via http proxy? jago25_98 Linux - Networking 1 04-04-2005 05:52 AM
"socks5" -> "http" proxy protocol, or ssh tunnel to sock5 ? I'm beyond http p vmicho Linux - Networking 2 12-16-2003 06:32 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration