SSH tunnel

From Cship
Jump to: navigation, search

A SSH tunnel often refered to as dynamic port forwarding is a simple and secure way to bypass Internet censorship. To use it, you need a Shell account (nowadays its always a SSH account) on a remote server with a "free" connection to the Internet. The connection is encrypted, so no one can see what are you transfering over that tunnel. You can get such an account for example from Polarhome.

Creating a SSH tunnel on Windows[edit]

  • Download PuTTY (about 0.5MB, just one .exe which can run directly)
  • In the "Session" category enter the hostname of your SSH account.
  • Then go to the "Connection --> SSH --> Tunnels" category and enter for example "8080" in the "Source port" field and select "dynamic" as the location. Then click on "Add".
  • Now go back to the "Session" category where you can safe your settings. With a click on "Open" you start the connection.
  • When you connect to the SSH account the first time you have to accept the security certificate first.
  • In the black window popping up you need to enter the username and password for your account.

Creating a SSH tunnel on Linux and Mac OS[edit]

  • open a shell (terminal) and enter
ssh -D 8080 -f -C -q -N myuser@myserver.com
  • where of course "myuser" stands for your username and "myserver.com" for the domain or IP of your SSH server.
  • When you connect to the SSH account the first time you have to accept the security certificate first.
  • Then you need to enter the password for your account.

Using a SSH tunnel[edit]

  • With the commands above you started a local Socks5 proxy on port 8080.
  • So with every application you want to use (Firefox, Internet Explorer, MSN Messenger...) you have to go to the configuration menu of that program and add this as a Proxy server:
  • Server: localhost, Port: 8080, Protocol: Socks5

Weblinks:[edit]