SSH Tunnelling 101

I have been meaning to try out SSH tunnelling but never got around to it. Here's a simple guide to access a proxy server at your home via SSH tunnelling

Start the proxy server at home


$ ./proxy_server 3218


Create a SSH tunnel to forward packets from your office laptop securely to the proxy server at home

$ ssh -f username@remote.homeserver.com -L local_port:remote.homeserver.com:3218 -N

Thats it!

Configure your browser to use 127.0.0.1:local_port as the proxy server and you have a secure port forwarding session ready for use!

An easier way where you don't even need the proxy server program at home is to use ssh:

ssh -ND 1080 pc.home.com

This starts a SOCKS server on localhost on port 1080 and forwards all incoming connections to remote server on pc.home.com. Now you just need to configure your browser to use the SOCKS proxy on 127.0.0.1:1080

You can create a chain of machines using the two ssh commands above:

Configuration

PC-1, PC-2, PC-3

PC-1 browser uses 127.0.0.1:1080
PC-1$ ssh -NL 1080:localhost:1080 PC-2

PC-2$ ssh -NL 1080:localhost:1080 PC-3

PC-3$ ssh -ND 1080 localhost