How to connect to Internet through a remote server via SSH connection

ssh internet proxy

9,350

Solution 1

Ok. I've forgot about this question. Sorry, I should update the situation earlier.
I've tried some of the above suggestion. One of them works, the others didn't (some error that I can't recall, maybe due to my configuration). The solution is quite complicated (I have to google a bit to get it real works).

An eas(ier) solution

Then one of my colleagues suggest me to use sshuttle and within a single command, I got what I need. All I have to do is open a new terminal, type in sshuttle -r username@serverIP 0.0.0.0/0 and enjoy the whole world of Internet. Sometimes it will return error and strangely just retrying makes it work

Solution 2

Try SSH tunneling/port forwarding. There is a lot of information in Internet. Read this: SSH/OpenSSH/PortForwarding and SSH tunneling with ubuntu.

I like to use SSH socks-proxy. Install plink:

sudo apt install plink

Run command in your local computer (SSH client) with restricted access to Internet:

plink -ssh 111.111.11.111 -C -N -l user -D 127.0.0.1:8081

where 111.111.11.111 - IP-address of your remote SSH-server with unrestricted access and user - your SSH-server username.

Thats all. Now you have SOCKS proxy - all of the traffic through the proxy will be encrypted and routed through your remote SSH-server. Settings for the proxy are: host 127.0.0.1, port 8081.

Add this settings as Ubuntu system-wide proxy settings and instruct browsers, bash etc. to use system proxy. It's possible to add system proxy with Ubuntu System Settings GUI (mine has Ukrainian locale):

If you want to use the proxy for apt, read Configure proxy for APT?, only take into account you have socks-proxy, thus the proxy URLs should be socks4://127.0.0.1:8081 or socks5://127.0.0.1:8081 instead of http://127.0.0.1:8081, for example:

export http_proxy="socks4://127.0.0.1:8081"

Solution 3

Two Steps to Use Socks Proxy

Socks proxy allows an easy way to access the Internet using a proxy computer. In this case the server that has unrestricted access to the Internet.

Step 1: Setup socks proxy for the desktop

This can be done at the browser or the system level. We will do it at the system level so that any program that wants to access the Internet will use the socks proxy. We will do it using the command line.

Open a terminal at your desktop Ubuntu using Ctrl+Alt+T and enter the following lines:

gsettings set org.gnome.system.proxy.socks host 'localhost'
gsettings set org.gnome.system.proxy.socks port 1080
gsettings set org.gnome.system.proxy mode 'manual'

This will route all the Internet traffic via the localhost:1080.

Step 2: `ssh` with a few options

Let us say the server has the IP address aaa.bbb.ccc.ddd and you have an user account in this server called user007.

In the terminal enter:

ssh [email protected]

If this works, you are all set. type exit to get back from the server to the desktop. Now lets do it again with some options:

ssh -CD 1080 [email protected]

The C compresses whatever passes between the desktop and the server.
The D 1080 binds the local port 1080 to the server.

To revert back to normal

First, exit out of the ssh session. If you add the -N option in the ssh you will have to use Ctrl+C.

Second, change proxy to none:

gsettings set org.gnome.system.proxy mode 'none'

If you want to be fancy, you can combine these steps into a bash script, but this will get the job done.

#!/bin/bash 
gsettings set org.gnome.system.proxy.socks host 'localhost'
gsettings set org.gnome.system.proxy.socks port 1080
gsettings set org.gnome.system.proxy mode 'manual'
ssh -CD 1080 [email protected]
gsettings set org.gnome.system.proxy mode 'none'
echo "Finished with the Internet, now back to work..."

This script will set the socks proxy, then start the ssh. When you exit the ssh, it will turn the proxy off.

Hope this helps

Solution 4

The other answers work for things that have support for SOCKS in their configuration. When the tool you want to use doesn't have support, you can use socksify from the dante-client package.

ssh -fND 1080 $server
SOCKS_SERVER=127.0.0.1:1080 socksify git fetch

View more solutions

9,350

enamoria

Stupid fresher with zero achievement

Updated on September 18, 2022

Comments

enamoria almost 2 years
I have a problem in accessing Internet through an ssh-accessible server

Situation

EDIT: FYI, my OS is Ubuntu 16.04, and IIRC, same as the server.

Ok, here's the deal.
- My company provide me a PC with network connection (through a proxy), but got limited to some resources on the net (I can neither add external PPA or apt-get update after manually adding them, nor can't access to some download section of some applications, but still can install package by using apt-get install or pip).
- Besides, my (above) PC have access to some of my company's servers via ssh connection. One of them (deliberately) has unrestricted Internet access (sounds weird, but that the way it is). I asked my boss if I can somehow can make my computer connect to the Internet without restriction through that server, and he told me that's possible but he doesn't know how to. And FYI, though he doesn't encourage me to do so, I'm not forbidden.
My question

Is there any way I can do what I've just describe? From my PC, access (unrestricted) to Internet via a remote server (with unrestricted Internet access)

What I've tried so far

Not much, actually, because I don't know how to search (hard to think of a keyword) for the problem. Most of the time I tried to config the proxy, so I can (partially) solve the problem (for PPA, I tried adding to source.list and add the sign, add proxy entries to /etc/apt/apt.conf, ...). Still no candy for the baby. If anyone need to see the error, tell me, but I want to solve the problem completely :(

I'm grateful to any suggestion. Thanks in advance!
- olikaf almost 6 years
  
  Is you PC with unrestricted acces to Internet a linux box ? If yes, take a look at askubuntu.com/questions/609922/…
- user535733 almost 6 years
  
  In some parts of the world, violating your company's policy on the care and use of their property (regardless of your supervisor's apparent lack of interest) might get you fired and/or sued. If they truly didn't care, then why did they go through so much trouble to require use of their proxy under all possible conditions?
- user535733 almost 6 years
  
  Do you have full admin permissions on this machine? If so, please edit the question to clearly explain exactly what happens when you disable the proxy and try to use normal non-proxied networking. "It doesn't work" is too vague to help you -- we need to see the complete error messages that explain why it doesn't work.
- enamoria almost 6 years
  
  @olikaf it is. I will try your suggestion
- enamoria almost 6 years
  
  @user535733 I have full permission on both device (mine and the server). I asked my boss about my situation and I got his permission to do it (though he suggest me to try figure a workaround first)
user68186 almost 6 years

What does the plink do? I just use ssh.
pa4080 almost 6 years

Thank you for this answer! In addition I would suggest a way to push the ssh connection into the background by using the options -fTN: ssh -fTN -CD 1080 [email protected]. Here are few partially wired topics: (1) Making a script to check if SSH connection exists and if not then connect; (2) Access remote multiple servers behind NAT; (3) How do I access the SSH client side from the SSH server side?.