6

I have 2 servers, A and B. I want to create a tunnel from my system to server B but I have some limits to do this. So I have to first tunnel to server A and from server A to server B. My goal is to have a SOCKS Proxy to browse the web.

How can I do this?

Sachin Divekar
  • 5,772
  • 1
  • 23
  • 20
hpn
  • 1,431
  • 7
  • 18
  • 21

1 Answers1

6

I am showing you a very basic way to do it. Here I am assuming that B is directly accessible from A. There may be variations according to various situations.

On A:

ssh -D socks_port B

This will open up the port socks_port on A as a SOCKS proxy.

On your system:

ssh -L local_port:localhost:socks_port A

This will forward local_port on your system to port socks_port on A.

Then you can configure your browser to use SOCKS proxy on socket localhost:local_port

A one-liner would look like this:

ssh -t -L 1234:localhost:5678 FIRSTHOST ssh -D 5678 SECONDHOST

where FIRSTHOST and SECONDHOST have to be replaced by your hosts’ names or IP addresses.

In your browser you have to enter a socks proxy as:

localhost:1234
erik
  • 16,959
  • 4
  • 32
  • 46
Sachin Divekar
  • 5,772
  • 1
  • 23
  • 20
  • 1
    Thanks, Using this command I have to first run command `ssh -D socks_port B` on server A. Right? – hpn Dec 09 '11 at 11:21
  • It doesn't work. I can't browse the web. It only asks password of server A and not B(I think it should ask the passwords for both servers because server A should connect to server B). – hpn Dec 09 '11 at 11:32
  • @hpnik +1 for your first comment. I am sorry. I think you are right in the first comment. First you need to open up the port on A as SOCKS proxy with `-D`. I am updating my answer because then my ssh command will also change. – Sachin Divekar Dec 09 '11 at 11:40
  • Thanks, Is it possible to write both commands in one line? – hpn Dec 09 '11 at 11:48
  • @hpnik try `ssh -t -L local_port:localhost:socks_port A ssh -D socks_port B` – Sachin Divekar Dec 09 '11 at 11:50
  • Firefox says: The proxy server is refusing connections. Why? – hpn Dec 09 '11 at 11:58
  • @hpnik, just to verify, is the tunnel up and running? Can you setup the tunnel again and check? – Sachin Divekar Dec 09 '11 at 12:04
  • @hpn: You should enter the correct host and port in your browser configuration: `localhost:local_port`. See updated answer. – erik Mar 15 '14 at 08:42