Imagine you want to use Screen Sharing to connect to secundus. You can tell primus to point the endpoint of an ssh tunnel at secundus with: Note: secundus. They do have to make sense on the remote host, though, otherwise you will get an error. In the following examples the local IP address Either way, you can then point Screen Sharing at localhost and it will connect through primus to Screen Sharing on secundus. Keep in mind that while the connection from the start point on your Mac to the host primus is secured by ssh, the connection from primus to secundus is not.
In general you can use ssh port forwarding or tunnels for any service. Some services, however, may introduce extra pitfalls. The problem here is not the ssh tunnel but the web server on the router. As part of the http request, the browser sends the name of the domain requested to the web server. This allows web servers to host different pages for different domains. However, since navigating the web interface of the router with curl is out of the question I had to find a different solution.
Then I can set the SOCKS proxy to localhost in the proxy tab in the Network pane in System Preferences. You probably want to create a new network location for this setup. Then all network traffic will be securely routed through the ssh tunnel to my Mac at home where it can connect to the router. However, it is somewhat painful to set up and maintain, so if you start using this more frequently, you probably need to look into a proper VPN service solution (some routers, ironically, provide one…).
Note: If you want to terminate the tunnel you'll have to grab the PID via ps and use the kill command, which we'll show you how to do later. If you haven't installed it yet, download PuTTY and save it where you like. PuTTY doesn't require admin rights to install; just download the. Then you won't have to enter your username and password every time you open the connection. Now that you have an SSH tunnel, it's time to configure Firefox to use that tunnel. Remember that for a SOCKS 5 tunnel to work, you have to use a local application that can take advantage of the tunnel; Firefox does the trick.
The following steps were performed with Firefox version 39 but should work on other versions, though the locations of the options may be different. Now, open another tab in Firefox and start browsing the web! You should be all set for secure browsing through your SSH tunnel. Optional: To verify that you are using the proxy, go back to the Network settings in Firefox. Try entering a different port number. Click OK to save the settings. Now if you try to browse the web, you should get the error message "The proxy server is refusing connections."
This proves that Firefox is using the proxy and not just the default connection. Revert to the correct port number, and you should be able to browse again. Click on the radio button for Use system proxy settings and click OK. Firefox will now browse over your normal connection settings, which are likely unsecured. If you are done using the tunnel you'll have to terminate the tunnel as well, which we cover in the next section. The tunnel we created earlier on our local machine was sent to the background, so closing the terminal window you used to open the tunnel won't terminate it.
To terminate the tunnel we need to identify the process ID (PID) using the ps command, and then kill it using the kill command. Find the line that looks like the command you entered earlier to create the tunnel. Here's some sample output:
From the beginning of the line, in one of the first two columns, is a digit number. This is the PID. Above, the sample PID of is highlighted. Now that you know what the PID is, you can use the kill command to bring the tunnel down.
Use your own PID when you kill the process. In Windows there isn't an easy way to automate the connection process, but both PuTTY and Firefox can save the settings you've previously entered, so just open the connections again to use the tunnel again.
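The ps-and-kill procedure above can be made less error-prone than reading PIDs by eye. The following is an added example, not code from the original article: it picks out only real ssh client processes that request dynamic forwarding on a given port, so the sshd daemon (whose -D flag means something else) and your own grep are never matched. The port numbers, user@example.com and the sample process list are constructed placeholders.

```sh
#!/bin/sh
# Added example. Reads "PID COMMAND ARGS..." lines on stdin (the format of
# `ps -A -o pid= -o args=`) and prints the PID of every ssh client started
# with dynamic forwarding on port $1: "-D 1080", "-D1080" or "-D addr:1080".
find_tunnel_pids() {
    awk -v port="$1" '
    {
        # Field 2 is the executable; accept only ssh itself, with or
        # without a leading path. sshd, grep and editors are skipped.
        n = split($2, parts, "/")
        if (parts[n] != "ssh") next
        for (i = 3; i <= NF; i++) {
            if ($i == "-D" && i < NF) arg = $(i + 1)
            else if ($i ~ /^-D./)     arg = substr($i, 3)
            else continue
            sub(/^.*:/, "", arg)      # drop an optional bind address
            if (arg == port) { print $1; break }
        }
    }'
}

# Sends SIGTERM to every matching tunnel in the live process table.
stop_tunnel() {
    for pid in $(ps -A -o pid= -o args= | find_tunnel_pids "$1"); do
        kill "$pid" && echo "stopped tunnel pid $pid"
    done
}

# Constructed sample of `ps -A -o pid= -o args=` output (not from the page).
SAMPLE_PS='  412 /usr/sbin/sshd -D
 8841 ssh -C2qTnN -D 1080 user@example.com
 8850 grep ssh -D 1080
 9002 /usr/bin/ssh -f -N -D 127.0.0.1:9090 user@example.com
 9100 ssh -N -L 5901:localhost:5900 user@example.com'

# Demonstration on the sample only; nothing is killed here.
printf '%s\n' "$SAMPLE_PS" | find_tunnel_pids 1080
```

Call stop_tunnel with the port you gave to -D to bring down the real tunnel.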
For OS X or Linux systems, we can make an alias or create a script to quickly create the tunnel for us. The following are two ways to automate the tunnel process. If you want an icon to double click and the tunnel just starts, we can create a simple BASH script to do the job. You can always use the which firefox command to find out where it is on your system.
In the script below replace the path to Firefox with the one that is appropriate for your system. Save your script. Make the script executable, so that when you double click on it, it will execute.
From the command line, enter this command to add execute permissions, using your own script path: So if you want your traffic to look like it originates from a different location, then this is one way to do it. Download PuTTY putty. In order to create your tunnel, you'll need an external server to connect to. This could be a home server, company server, or one you rent from a server hosting company. Enter in the Source Port box and select the Dynamic radio button. Click Add and D will appear in the Forwarded Ports list.
Some of the more useful flags you can use are -C2qTnN, which have the following effects: This will force all traffic through port on your local machine, which is the same port your SSH tunnel is listening on. Your tunnel will receive this traffic and forward it on to the server it is connected to.