Enable TCP Forwarding by sshd server
Here are some example. First let’s restrict the users who are allowed to forward TCP sessions:
# SSH1, SSH2, OpenSSH AllowTcpForwarding no
and then at the end of the file put
Match User allex,john,andy AllowTcpForwarding yes
Or better, allow specific ports per user groups:
AllowTcpForwarding no Match Group admins AllowTcpForwarding yes Match User john,andy,ted AllowTcpForwarding yes PermitOpen 192.168.0.1:443
After all, restart openssh-server,
ssh -D port forwarding create a local socket proxy server
# Create socket proxy channel ssh -CfNg -D 127.0.0.1:7070 user@host &>/dev/null &
man sshfor more details,
- -C Requests compression of all data
- -f Requests ssh to go to background just before command execution.
- -N Do not execute a remote command. This is useful for just forwarding ports (protocol version 2 only).
- -g Allows remote hosts to connect to local forwarded ports (if just use local env AVOID IT)
- -D Specifies a local “dynamic” application-level port forwarding.
Setup socket proxy in Browser.
There are lots of proxy tools for web browser extensions. (such as SwitchySharp for chrome.)
Use socks proxy for commands in terminal
export http_proxy=socks5://127.0.0.1:7070 https_proxy=socks5://127.0.0.1:7070