Saturday, December 12, 2009

SSH Tunneling

This is a quick blog post to let my mate Ollie know about a few ways that I use SSH and how it is useful.

Firstly, a SSH client connects to a SSH server, logs in with either a password or certificate and communicates over an encrypted tunnel. The beauty of SSH is that it is also easy to tunnel other types of traffic such as HTTP or VNC over the tunnel. This is useful for the following:

> Secure Administration of a remote server.
> Secure File transfer.
> Securing web traffic over a non-secure wired or wireless network.
> Bypassing of restrictions and filtering imposed on the local network.


Tools

> Privoxy
> SSH
> Screen


Setup

At home I have installed SSH on a server and started the service (/etc/init.d/ssh start) listening on port 22 for SSH traffic. I have set port forwarding up on my firewall to allow traffic to hit the server on this port. Usually I will set up a non-standard port but for the sake of an easy explanation I'll leave it at port 22.

On that server I have also installed pivoxy (apt-get install privoxy), and started it (/etc/init.d/privoxy start). By default, Privoxy binds to 127.0.0.1:8118 , and I have also installed Screen. Screen is a program that allows you to have multiple terminal sessions open at once and leave them running after disconnecting from the SSH server.


Connecting To The Server

From my client I connect to the server by using the following command:

ssh synjunkie@ssh_server_ipaddress


After logging in I can issue commands as if I'm sitting at the server. After connecting I would start Screen by issuing the `screen` command. If I wanted to connect to a previous screen session I would use `screen -r`

You navigate through Screen by issuing commands through key-bindings. A few of the ones I find most useful are:

Ctrl+a c new window
Ctrl+a n next window
Ctrl+a p previous window
Ctrl+a " select window from list
Ctrl+a A set window title
Ctrl+a ? show key bindings/command names
Ctrl+a d detach screen from terminal

Screen is great because you can leave a scan going in one session, irc in another and say a traffic capture in another.


Tunneling Traffic

as well as connecting to the server I might want to tunnel some traffic over SSH to my home server and then back out.

For this I would issue the following command on my client and log in.

ssh -NL 8118:localhost:8118 synjunkie@ssh_server_ipaddress

After setting up the tunnel I would go into the proxy settings on my browser and point them to localhost port 8118.


I hope this illustrates a couple of good uses for SSH.

+++

Share |

"make something then You never be lost"

wibiya widget