Enable TCP Forwarding by sshd server
cat /etc/ssh/sshd_config
Here are some example. First let’s restrict the users who are allowed to forward TCP sessions:
# SSH1, SSH2, OpenSSH
AllowTcpForwarding no
and then at the end of the file put
Match User allex,john,andy
AllowTcpForwarding yes
Or better, allow specific ports per user groups:
AllowTcpForwarding no
Match Group admins
AllowTcpForwarding yes
Match User john,andy,ted
AllowTcpForwarding yes
PermitOpen 192.168.0.1:443
After all, restart openssh-server,
/etc/init.d/sshd restart
Use ssh -D
port forwarding create a local socket proxy server
# Create socket proxy channel
ssh -CfNg -D 127.0.0.1:7070 user@host &>/dev/null &
Note:
man ssh
for more details,
- -C Requests compression of all data
- -f Requests ssh to go to background just before command execution.
- -N Do not execute a remote command. This is useful for just forwarding ports (protocol version 2 only).
- -g Allows remote hosts to connect to local forwarded ports (if just use local env AVOID IT)
- -D Specifies a local “dynamic” application-level port forwarding.
Setup socket proxy in Browser.
There are lots of proxy tools for web browser extensions. (such as SwitchySharp for chrome.)
Use socks proxy for commands in terminal
export http_proxy=socks5://127.0.0.1:7070 https_proxy=socks5://127.0.0.1:7070