SSH Tunneling for Privacy and Trickery.

If you have access to a ssh server you can easily tunnel your web browsing and newsgroup/IRC activity to make sure that your IP is never associated with that ..stuff you do. You can basically tunnel any port through the any ssh server. These methods can be used to build up complex chains that are almost impossible to track.

To tunnel your basic browsing through a ssh “proxy” use this command:

ssh -D 8080 -p 22 codytaylor@someserver.com

I used port 8080 instead of the default 80 becuase I run a webserver on my local machine and I didn’t want to mess that up.

The -D in the command specifies a local dynamic application-level port forwarding which creates a socket to listen to the specified port on the local machine. Ancy connections made to this local port are forwarded over the secure channel.

This makes it easily possible to forward all web traffic on the local system through the secure channel by setting up a simple iptables rule:
–iptables -A PREROUTING -t nat -i eth0 -p tcp –dport 80 -j REDIRECT –to-port 8080

If you want to set up a secure ssh tunnel to connect to a specific newsgroup server you can use this command:

sudo ssh -N -p 22 codytaylo@sshserver.net -f -L 443:111.111.111.111:443

The -L specifies that the given port on the local client is to be forwarded to the given host and port on the remote side. This is basically a very specific instruction that tells all traffic that is directed to localhost at port 443 (119 if you don’t like double encryption) to go to the ip address 111.111.111.111:443. Note: I couldn’t get this to work with domains for some reason.

The -N tells ssh to not execute any remote commands. So you do not get the annoying ssh session stuff that makes you leave the terminal open.

The -f tells ssh to go into the background.

Share

8 Responses to “SSH Tunneling for Privacy and Trickery.”

  • Sre Says:

    If I’m not mistaken, the iptables command depends on your browser having the intelligence (on auto) to detect a socks proxy. Even though that’s usually the case I just wanted to point out that you could eliminate the iptables command, and just stick with your initial ssh command in this blog post. Then you just go into your browser settings to have it use localhost 8080 for all the web requests, whenever you want them to go through the ssh tunnel.

  • Andrew Says:

    Wouldn’t setting up OpenVPN be easier? How about xerobank.com or shadowvpn.com where for a small fee you get the above & more. Good SSH forwarding tutorial though..

  • admin Says:

    OpenVPN would be better than simple ssh tunneling but it would also require a fair amount of work to get it installed and configured securely. I’d rather just copy and paste some command and not worry about it. Also SSH is installed in so many more servers so it’s what I encounter more often.

    As for xerobank and such, no one likes to pay for stuff.

  • Eric Schulman (notrael) Says:

    admin;

    A free & open source (GNU/2) OpenVPN connection solution and manager for OSX is called tunnelblick. http://code.google.com/p/tunnelblick/

    for the source:

    svn checkout http://tunnelblick.googlecode.com/svn/trunk/ tunnelblick-read-only

  • admin Says:

    Thanks, I’ll have to check it out.

  • spinkham Says:

    Don’t forget to tunnel your DNS traffic also, or you still face both traffic analysis problems and hijacking/redirection problems…

  • Nick Moore Says:

    Much More Trickiness With SSH…

    I saw an article on reddit this morning about SSH trickery. SSH is a very subversive protocol, able to work around many kinds of unwise security policies. Here’s a couple more useful things to know.
    1. Better Lurking Through .ssh/config-ery.
    Wher…

Leave a Reply