Tunneling SSH Connections
/etc/hostsfile to add these servers there.
ssh -CN -D 9050 user@my-remote-server
This creates a SOCKS proxy that you can access at localhost:9050. I found it easiest to use with Firefox and the FoxyProxy plugin. You can give that plugin a url mask- if that matches it will use the SOCKS proxy, otherwise it will use the default connection.
Here are my settings for the SOCKS proxy within FoxyProxy:
Update 7.5.2016: As Richard reports, if you are on a Mac you can configure its on board socks proxy like so:
# enable it: sudo networksetup -setsocksfirewallproxy Wi-Fi localhost 9050
# disable it: sudo networksetup -setsocksfirewallproxystate Wi-Fi off
networksetup command also has an option
-setproxybypassdomains to exclude certain domains from using the configured proxy.
ssh firewalled-serverand get a connection from my dynamic IP, without having to login to the remote machine and open another ssh session from there.
~/.ssh directory create a
config file that will contain entries like the following, separated by a blank line:
Host firewalled-server Hostname firewalled-server User my-username ForwardAgent yes Port 22 ProxyCommand ssh my-username@my-remote-server /bin/nc %h %p
On your remote server you should setup key based access by adding a ssh key to the authorized_keys file.
If the name of your firewalled server is not known through public dns you need to add the name(s) of your firewalled servers to the
Then, from your remote server, you should ensure you can ssh into the firewalled server, have added ssh key based access and accepted the fingerprint of the firewalled server so it’s added to the
If it works to log in from your local machine to your remote server and from there login via ssh key to the firewalled server, you should be able to directly hit the firewalled server via:
Unless, of course, we forgot something…