Using SSH as a proxy - SSH tunneling

[Gapo]

Some basic information

What is SSH?

- SSH stands for "Secure Shell". It's primarly used on Unix-like systems. SSH is a replacement for TELNET, due to its flaws. As a result, SSH uses encryption. It is a secure way of exchanging data between remote hosts.

It's only a remote administration software, per se?

- It is, although we can still use the remote host as a proxy. It depends on the shell account and what limitations it may have, though. We must have an account that permits SSH tunneling. If it doesn't support it, then don't bother using it.

Does it support my operating system?

SSH works on Mac, UNIX and Windows operating systems. On Windows we must install a terminal-emulator, which I'll explain later on.


Okay, time to start the tutorial

First we need to find a free shell account. We could use a paid one (as little as 1$ these days), but let's stick with free.

You can find free shell accounts here.

For this instance I chose Shellmix.

Shellmix is unique. Most shell providers you don't have to use a different port than 22. In this case we have to use port 30 when connecting to create an account.

To connect to Shellmix's servers, we need to use PuTTY or other terminals.

Download PuTTY: PuTTY Download Page
For users on Ubuntu: sudo apt-get install PuTTY

Install PuTTY and launch it.

As we start up PuTTY, we will be on the session tab. That's where we want to be.
In Host Name you put: shellmix.com
Port number: 30
Click on open. We will now be connecting to shellmix.com and registering a free SSH account.

Login as "newuser" without the quotation marks. Likewise, password is "newuser" . Remember: no quotation marks!

We've now come to the registration part. Enter a login name. Any username. After that, you enter a password of your own. When you're done, close the connection.


Configuring an SSH tunnel

You've managed to register an account and install PuTTY. Well done! Now's the time to configure an SSH tunnel.

Launch PuTTY. Expand the SSH tab. Click on Tunnels.
In source port you can choose whatever port. In this example, we'll use port 1234.
Click on Dynamic and click on Add
Go back to Session. In Host Name: shellmix.com Port: 22

In Saved Sessions, name it "Shellmix.com SSH tunnel" and click Save.

We're now ready to use our proxy!


Using the SSH tunnel

The SSH tunnel can be used for various things. We can use it as an IRC proxy and so forth. There are lots of possibilities. In this tutorial, we'll stick with using it in FireFox.

Detailed method:
Launch FireFox. Click on Tools, scroll down to Options. Find the Advanced tab and click on it.
Now we will click on Network. Click on Settings.

A new window will pop up.
Click on Manual proxy configuration.
Go down to SOCKS Host.
In SOCKS host you enter 127.0.0.1
In Port you enter 1234

Now, remember the port should be the same one you chose in PuTTY. In this tutorial, we used 1234. If you picked another port, then that's the one you should put there.

Quick way:
1. Firefox: Tools / Options / Advanced
2. Click on Settings under Connection
3. Values: SOCKS host: 127.0.0.1 and Port: 1234

Finally done!
If you did it right, you should now have a new IP. Check if you have a new IP here.

FAQ

[anon]

Nice one! Just two things:
1. SSH stands for Secure Shell, not Secure Channel
2. what happened to the FAQ?

[Gapo]

Argh! Small typo It's there for future use. I'm not sure what else there's to say forthwith. Ideas?

EDIT: May want to add this to http://www.sb-innovation.de/showthre...threadid=18705

[anon]

EDIT: May want to add this to http://www.sb-innovation.de/showthre...threadid=18705

That one's only for tutorials posted on the same section as the list itself, although since yours is essentially about concealing your IP, I don't see why it can't be moved there and added.

[Gapo]

It is? Not sure why this http://www.sb-innovation.de/showthre...threadid=18139 thread hasn't been moved yet. It's fine to move mine.

[anon]

Both fixed, my master.

[Instab]

SSH preceded TELNET to fix its flaws.

actually it's more an rsh replacement than telnet. they have much more in common.

nice guide btw

[Gapo]

Oh. I thought it would be fine to say it preceded TELNET. Anyway, thanks for telling me.

[Instab]

Oh. I thought it would be fine to say it preceded TELNET. Anyway, thanks for telling me.

dösn't matter much for most users i güss

[Renk]

Thanks for your tuto. I have some questions:

1) For the port 1234, why click on "dynamic" and not on "local" ?
2) From a general point of view, is SSH secure for torrenting, with DHT, Peer Exchange, UDP trackers and Teredo ?

A final remark: Putty is a very good ssh client, but there is a fork, named Kitty, that I prefer.

True final remark: It seems that now Shellmix no more provide free shell.

[anon]

1) For the port 1234, why click on "dynamic" and not on "local" ?

"Local" limits Putty to one host per port, to which any traffic received in that port will be forwarded. "Dynamic" makes it act as a SOCKS proxy server, and automatically create the required forwardings as the applications using this proxy demand.

2) From a general point of view, is SSH secure for torrenting, with DHT, Peer Exchange, UDP trackers and Teredo ?

SSH is a TCP-based protocol and cannot forward UDP traffic without a special setup that converts UDP to TCP before submitting, and has the server transform that back into UDP before it's delivered to the Internet. This means the following are a no-go unless you have a server of your own where you can create this setup: DHT, UDP trackers, uTP connections, Teredo tunneling.

A few notes regarding the use of SSH tunnels for P2P activity:

• don't forget to reverse-forward the listening port your favorite application uses, so that you're connectable. Once again, that requires that you have root access to the server.
• try to avoid tunneling high volumes of traffic through free services.