|
|
Otterhole :: Client Socks Proxy
|
|
Revisions
2010013 Initial document
Introduction If you have access to an SSH service some place you may be able to use that service to proxy your web traffic. The reasons for doing so may include:
First, there must be an accessible account on the server. This could be a regular user account, or it could be an account specifically setup to use for proxy services. Ask your administrator, or read the following section regarding Server Setup Second, you need an SSH client on your local computer. For Windows based PCs, the common choice is Putty, which is described here. The SSH client needs to be setup to do 'dynamic' forwarding. This can be setup before connecting to a server, or it can be done using the "change settings" feature of an existing SSH session.
At this point you should see "D8083" in the box above the line "Add new forwarded port:" At this point, you may choose to save these settings, by going back to "Session" adding the server name or address, adding a session name, and entering "save session". You must login to your server account using SSH and keep the session up while using your web browser. This may also require one to access an authentication web page, if the adminstrator uses PageKnock to protect access to the SSH interface. You must also configure the web browser to use the Socks protocol. For Internet Explorer, this might be as follows:
You may also choose other SSH client settings, including:
The server needs to be setup with specific settings. Using OpenSSH, these settings include the default settings
What this configuration does is redirect the flow of data across the network. Usually, the web client tries to access the web server directly. What this will do is redirect the web client to a proxy service setup on the same computer as the web client. This proxy service, using the protocol called "Socks", is built into Putty and configured using the "Dynamic" tunnel feature. This proxy service will forward all network connections to the SSH server in an encrypted fashion. Once at the server, the SSH session will be decrypted, and the tunnel content will be sent out over the Internet to the desired web server. The web server will see the network traffic comming from IP address of the SSH server. |
|
Copyright Otterhole 2007-2010 last updated: 2010/01/13 11:09 . |
|