Slashdot Mirror

← Back to Stories (view on slashdot.org)

SSH Tunnels How-to?

Posted by ryuzaki0 on from the what-encryption-worms-build dept.

The_Spider asks: "I periodically browse the net and check web-mail at work, when I have the opportunity. I was wondering if anyone had a nice walkthrough on how to set-up an SSH tunnel. I'm not 100% newbish to Linux but I don't know where to start. (I have a Fedora Core box at home for NAT & DHCP) I'm hoping to combine this for use with portable Firefox. I'm not to worried about security, but I love the notion of taking a portable and encrypted browser with me from place to place. Can Slashdot help?" While this might be a bit FAQ, I figure Slashdot anecdotes on the use of SSH tunnels might be a bit more user-friendly than say, the several task-specific HOWTOs one can find via a Google search. ALso, I'm sure that there are a few of you out there who have discovered interesting ways of using SSH tunnels, not covered by said HOWTOs. So, how are you using SSH tunnels, and can you explain them to those who have not yet discovered the value of their use?

2 of 98 comments (clear)

  1. Just what you are looking for... by linuxkrn · · Score: 5, Informative

    Got one of those on my website.

    Enjoy http://www.linuxlogin.com/linux/admin/sshtunnels.p hp

  2. Re:Gotta love SSH tunneling by fimbulvetr · · Score: 5, Informative

    This is exactly what I do, and let me tell you what: It's saved my ass a few times.

    I also run two browser profiles with one being the proxied and one being normal, with different shortcuts to each. I separate the instances so my employer still sees a lot of traffic so they don't get suspicious. The work-related ones get me to lots of vendors sites, googling for solutions, etc.

    I use a sh script to start my second one. It looks for an already open port just in case I killed the browser accidently and don't need to re-establish the tunnel. It re-establishes if it needs to.

    You could also proxy your IM messages through these, though I haven't gone to that length yet. Here's my sh script:

    #!/bin/sh

    STAT=`netstat -an | grep 8888`;
    if [ "$STAT" = "" ];
                    then

    #friendshomemachine
    # ssh -L 8888:127.0.0.1:8888 friendshomemachine "perl -e 'while (1) { print localtime."\n";sleep 10;}'" &
    #mine
                    ssh -L 8888:127.0.0.1:8888 myhomemachine "perl -e 'while (1) { print localtime."\n";sleep 10;}'" &
    #friendshomemachine
    # ssh -c blowfish-cbc -C -f -N -L 8888:127.0.0.1:8888 friendshomemachine "perl -e 'while (1) { print localtime."\n";sleep 10;}'" &
    #mward
    # ssh -c blowfish-cbc -C -f -N -L 8888:127.0.0.1:8888 friendshomemachine "perl -e 'while (1) { print localtime."\n";sleep 10;}'" &

    fi /usr/local/firefox/firefox -P encrypted

    I've heard blowfish is slower, but it doesn't seem to be when you're just browsing. Feel free to experiment. Others with more knowledge as to what's faster, please let me know.