Wednesday, May 11, 2011

SSH TUNNELLING

LINUX SSH TUNNEL




SSH stands for secure shell and is an encrypted data transfer protocol which is commonly used for Linux server communication. Tunnelling, in the context of computer networking, is the act of creating a link between two systems with one protocol that encapsulates additional protocols within itself.
One of the simplest ways to set up an SSH tunnel is to use the ssh command’s -D argument. This argument allows you to specify a port on which to listen locally. This causes ssh to act as a local SOCKS proxy server, routing any traffic pointed at this local proxy through the SSH tunnel. More details about the -D argument of ssh are shown below in the form of an extract from ssh’s man page.
-D port
Specifies a local “dynamic” application-level port forwarding. This works by allocating a socket to listen to port on the local side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. Currently the SOCKS4 and SOCKS5 protocols are supported, and ssh will act as a SOCKS server. Only root can forward privileged ports. Dynamic port forwardings can also be specified in the configuration file.
One of the simplest methods to set up an SSH tunnel is to run the following command in a Linux terminal.
ssh -D 8080 username@example.com
This connects to the computer at ‘example.com’ and attempts to authenticate as ‘username’, asking for a password if necessary. When authentication is successful, ssh will act as a SOCKS proxy server on port 8080 as defined in the command. All you then need to do is configure your software (for example, your web browser) to use a SOCKS proxy at ‘localhost’ or ‘127.0.0.1’ on port 8080.
Hopefully this will help you set up quick and easy SSH tunnels when you need them!
