Forwarding your Traffic through SSH

As a consultant I am always on networks which can not be trusted.  One way to make sure no one is sniffing my traffic, I run my connection through an SSH tunnel.  This is something which is incredibly simple to do and just requires a machine which you can connect to through SSH.

The first thing you need to do is make sure you have tunneling setup on the machine you are going to connect to. This is in the /etc/ssh/sshd_config settings file.  You want to make sure you have the line:

PermitTunnel yes

Once you have that set you just need to restart sshd service, on CentOS/Fedora/Red Hat that would be:

service sshd restart

Now you are ready to connect to the tunnel.  What is nice is that no matter what services are being blocked as long as you can ssh out you will be able to connect anywhere.  To create the tunnel run the command:

ssh -fN -D <port number> <username>:<server>

The -fN creates the connection in the background.  If you want to run it in the foreground just leave that out.  The next parameter is the -D this defines the port you want to use for the Dynamic port forwarding (SOCKS Connection).  You can use any port, just make sure it isn’t already in use on the current machine.

The next and final step is just to configure your browser or computer to use the tunnel.  This is done in the network settings section of your OS or your Browser (depending on what you want to send through the tunnel).

NOTE:  Make sure you clear out any other fields in there and only leave the settings for SOCK or the application/OS may not use the tunnel. 

This entry was posted in Linux and tagged , , . Bookmark the permalink.

Leave a Reply