How to connect to Internet through a remote server via SSH connection
Solution 1
Ok. I've forgot about this question. Sorry, I should update the situation earlier.
I've tried some of the above suggestion. One of them works, the others didn't (some error that I can't recall, maybe due to my configuration). The solution is quite complicated (I have to google a bit to get it real works).
An eas(ier) solution
Then one of my colleagues suggest me to use sshuttle
and within a single command, I got what I need. All I have to do is open a new terminal, type in sshuttle -r username@serverIP 0.0.0.0/0
and enjoy the whole world of Internet. Sometimes it will return error and strangely just retrying makes it work
Solution 2
Try SSH tunneling/port forwarding. There is a lot of information in Internet. Read this: SSH/OpenSSH/PortForwarding and SSH tunneling with ubuntu.
I like to use SSH socks-proxy. Install plink:
sudo apt install plink
Run command in your local computer (SSH client) with restricted access to Internet:
plink -ssh 111.111.11.111 -C -N -l user -D 127.0.0.1:8081
where 111.111.11.111
- IP-address of your remote SSH-server with unrestricted access and user
- your SSH-server username.
Thats all. Now you have SOCKS proxy - all of the traffic through the proxy will be encrypted and routed through your remote SSH-server. Settings for the proxy are: host 127.0.0.1
, port 8081
.
Add this settings as Ubuntu system-wide proxy settings and instruct browsers, bash etc. to use system proxy. It's possible to add system proxy with Ubuntu System Settings GUI (mine has Ukrainian locale):
If you want to use the proxy for apt, read Configure proxy for APT?, only take into account you have socks-proxy, thus the proxy URLs should be socks4://127.0.0.1:8081
or socks5://127.0.0.1:8081
instead of http://127.0.0.1:8081
, for example:
export http_proxy="socks4://127.0.0.1:8081"
Solution 3
Two Steps to Use Socks Proxy
Socks proxy allows an easy way to access the Internet using a proxy computer. In this case the server that has unrestricted access to the Internet.
Step 1: Setup socks proxy for the desktop
This can be done at the browser or the system level. We will do it at the system level so that any program that wants to access the Internet will use the socks proxy. We will do it using the command line.
Open a terminal at your desktop Ubuntu using Ctrl+Alt+T and enter the following lines:
gsettings set org.gnome.system.proxy.socks host 'localhost'
gsettings set org.gnome.system.proxy.socks port 1080
gsettings set org.gnome.system.proxy mode 'manual'
This will route all the Internet traffic via the localhost:1080
.
Step 2: ssh
with a few options
Let us say the server has the IP address aaa.bbb.ccc.ddd
and you have an user account in this server called user007
.
In the terminal enter:
ssh [email protected]
If this works, you are all set. type exit
to get back from the server to the desktop. Now lets do it again with some options:
ssh -CD 1080 [email protected]
- The
C
compresses whatever passes between the desktop and the server. - The
D 1080
binds the local port 1080 to the server.
To revert back to normal
First, exit out of the ssh
session. If you add the -N
option in the ssh
you will have to use Ctrl+C.
Second, change proxy to none
:
gsettings set org.gnome.system.proxy mode 'none'
If you want to be fancy, you can combine these steps into a bash script, but this will get the job done.
#!/bin/bash
gsettings set org.gnome.system.proxy.socks host 'localhost'
gsettings set org.gnome.system.proxy.socks port 1080
gsettings set org.gnome.system.proxy mode 'manual'
ssh -CD 1080 [email protected]
gsettings set org.gnome.system.proxy mode 'none'
echo "Finished with the Internet, now back to work..."
This script will set the socks proxy, then start the ssh
. When you exit the ssh
, it will turn the proxy off.
Hope this helps
Solution 4
The other answers work for things that have support for SOCKS in their configuration. When the tool you want to use doesn't have support, you can use socksify
from the dante-client
package.
ssh -fND 1080 $server
SOCKS_SERVER=127.0.0.1:1080 socksify git fetch
Related videos on Youtube
Comments
-
enamoria almost 2 years
I have a problem in accessing Internet through an ssh-accessible server
Situation
EDIT: FYI, my OS is Ubuntu 16.04, and IIRC, same as the server.
Ok, here's the deal.
- My company provide me a PC with network connection (through a proxy), but got limited to some resources on the net (I can neither add external PPA or
apt-get update
after manually adding them, nor can't access to some download section of some applications, but still can install package by usingapt-get install
orpip
). - Besides, my (above) PC have access to some of my company's servers via ssh connection. One of them (deliberately) has unrestricted Internet access (sounds weird, but that the way it is). I asked my boss if I can somehow can make my computer connect to the Internet without restriction through that server, and he told me that's possible but he doesn't know how to. And FYI, though he doesn't encourage me to do so, I'm not forbidden.
My question
Is there any way I can do what I've just describe? From my PC, access (unrestricted) to Internet via a remote server (with unrestricted Internet access)
What I've tried so far
Not much, actually, because I don't know how to search (hard to think of a keyword) for the problem. Most of the time I tried to config the proxy, so I can (partially) solve the problem (for PPA, I tried adding to
source.list
and add the sign, add proxy entries to/etc/apt/apt.conf
, ...). Still no candy for the baby. If anyone need to see the error, tell me, but I want to solve the problem completely :(I'm grateful to any suggestion. Thanks in advance!
-
olikaf almost 6 yearsIs you PC with unrestricted acces to Internet a linux box ? If yes, take a look at askubuntu.com/questions/609922/…
-
user535733 almost 6 yearsIn some parts of the world, violating your company's policy on the care and use of their property (regardless of your supervisor's apparent lack of interest) might get you fired and/or sued. If they truly didn't care, then why did they go through so much trouble to require use of their proxy under all possible conditions?
-
user535733 almost 6 yearsDo you have full admin permissions on this machine? If so, please edit the question to clearly explain exactly what happens when you disable the proxy and try to use normal non-proxied networking. "It doesn't work" is too vague to help you -- we need to see the complete error messages that explain why it doesn't work.
-
enamoria almost 6 years@olikaf it is. I will try your suggestion
-
enamoria almost 6 years@user535733 I have full permission on both device (mine and the server). I asked my boss about my situation and I got his permission to do it (though he suggest me to try figure a workaround first)
- My company provide me a PC with network connection (through a proxy), but got limited to some resources on the net (I can neither add external PPA or
-
user68186 almost 6 yearsWhat does the plink do? I just use
ssh
. -
pa4080 almost 6 yearsThank you for this answer! In addition I would suggest a way to push the ssh connection into the background by using the options
-fTN
:ssh -fTN -CD 1080 [email protected]
. Here are few partially wired topics: (1) Making a script to check if SSH connection exists and if not then connect; (2) Access remote multiple servers behind NAT; (3) How do I access the SSH client side from the SSH server side?.