Using SSH tunnel connection as a SOCKS5 proxy
11 Dec 2008

A month ago I was on vacation and, as usual, even though our hotel provided us with an internet connection at pretty decent speeds, I wasn’t able to work there because they’d banned all TCP ports but some major ones (like 80, 21, etc.) and I needed to be able to use ssh, mysql, IMs and other non-web software.

After a little research I found an approach to such connection problems that is pretty simple to set up and easy to use, and I’d like to describe it here.

First, you’ll need someone (or you can do it before leaving home) to start an ssh daemon on port 80 on one of your servers. I use one of my Slicehub slices for this so that it is permanently available to me. You can do it like this (if it is a temporary solution):

    # `which sshd` -p 80

Note: `which sshd` is used here because on some OSes sshd refuses to start unless it is invoked with the absolute path to its binary.

If you’d like to make it permanent, just add one line to your /etc/ssh/sshd_config file and restart your ssh server:

    Port 80

OK, this step is finished and you have sshd listening on port 80. Now, let’s imagine you go somewhere and need to use ssh (or ICQ/GTalk/Jabber/MSN/AIM, or torrents) and some weird admin banned all tcp ports but port 80. Here’s what you’ll need to do:

  1. Open a terminal on your machine (most likely it’ll be your laptop)
  2. Run the following command:
    $ ssh -D 1080 -p 80 -v user@your-host.com "sleep 1000000"
  3. Use 127.0.0.1 (port 1080) as your local SOCKS4/5 proxy server (no authentication) in any software you want

Once these steps are finished, you can go anywhere you want, and wherever you have access to web servers, you’ll have access to anything you need (tested with: ssh, Safari, Adium, the Vuze torrent client, RubyGems, MacPorts).
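
What an application sends to the listener on 127.0.0.1:1080 in step 3, shown as an added Python example (not code from the original post): the SOCKS5 no-authentication handshake followed by a CONNECT that names the target by host name, so the name is resolved at the SSH server end of the tunnel rather than on the local network. The function names are my own, and the default proxy address assumes the `ssh -D 1080` command above.

```python
import socket
import struct

REPLY_ADDR_LEN = {1: 4, 4: 16}  # ATYP 1 = IPv4, 4 = IPv6 (RFC 1928)

def connect_request(host: str, port: int) -> bytes:
    """SOCKS5 CONNECT with ATYP=3 (domain name): the name travels through
    the tunnel and is resolved by the SSH server, not by the local network."""
    name = host.encode("idna")
    if not 0 < len(name) < 256:
        raise ValueError("host name must be 1 to 255 bytes")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack(">H", port)

def recv_exact(sock: socket.socket, n: int) -> bytes:
    """Read exactly n bytes or fail if the proxy hangs up early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf

def socks5_handshake(sock: socket.socket, host: str, port: int) -> None:
    """Run the no-authentication SOCKS5 exchange on a connected socket."""
    sock.sendall(b"\x05\x01\x00")  # VER=5, one method offered: 0x00 (none)
    if recv_exact(sock, 2) != b"\x05\x00":
        raise ConnectionError("proxy did not accept the no-auth method")
    sock.sendall(connect_request(host, port))
    ver, rep, _rsv, atyp = recv_exact(sock, 4)
    if ver != 5 or rep != 0:
        raise ConnectionError(f"CONNECT refused, reply code {rep}")
    # Drain BND.ADDR and BND.PORT so the next bytes read belong to the target.
    if atyp == 3:
        addr_len = recv_exact(sock, 1)[0]
    elif atyp in REPLY_ADDR_LEN:
        addr_len = REPLY_ADDR_LEN[atyp]
    else:
        raise ConnectionError(f"unknown address type {atyp} in reply")
    recv_exact(sock, addr_len + 2)

def open_via_tunnel(host: str, port: int, proxy=("127.0.0.1", 1080)) -> socket.socket:
    """Connect to host:port through the listener opened by `ssh -D 1080`
    (proxy address is an assumption taken from the steps above)."""
    sock = socket.create_connection(proxy, timeout=10)
    try:
        socks5_handshake(sock, host, port)
    except Exception:
        sock.close()
        raise
    return sock
```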

P.S. To make this thing even more useful, on my MacBook I’ve installed the tsocks port (non-Mac users, check it out here).