![]() The SSH access to my server is not blocked in any way, and it works fine, and since I only send backend API requests over it the bandwidth is low enough for it not being discovered by censor-bots.īut I actually use an additional VPN on my Mac which sends my traffic to another server before sending it to my SSH Proxy server.ALSO READ: Perform SSH public key authentication with PSSH (without password) in Linux SSH through a proxy server Method-1: Pass Prox圜ommand using ssh options ![]() The whole reason I needed to do this from the beginning is because the location I am in have strict VPN laws and have implemented bots who systematically bans “un-registered vpns”, so one day they closed down my direct access to the corporate VPN, meaning I had to come up with a solution to circumvent the government censorship somehow. I have been using this solution for well over 6 months now, and it has been working flawlessly, and actually one of my colleagues have been using it as well.Īlso when connecting to the corporate VPN directly from my computer it sends ALL traffic through it, which is not ideal. ![]() Now you can close your SSH terminal window and bask in glorious control over where your traffic goes. If we don’t configure it to listen and the nature of establishing a virtual private network we will loose contact with out SSH Server and we’ll need to reboot it in able to access it again.Ĭonnect via SSH with a terminal to your Server and do the following commands: The first thing we need to do is configure the SSH Server to still listen to the same SSH ports even after connecting to the VPN. ![]() Now we want access resources behind our company’s firewall, in this case it means connecting our SSH Server / VPS to our corporate VPN. This type of redirection is sometimes called “a poor mans vpn”. So far we have only redirected our traffic to another place, which works great for obfuscating your location, or circumventing censorship by ISP or Governments. It should be in the same location as your SSH Server / VPS, in my case Singapore. We can test this out by for instance adding to your whitelist and checking your IP. By default it uses port 7070, and Proxy (HTTP, HTTPS, SOCKS5) is available at address “127.0.0.1:”.įor the network I’m configuring it as a SOCKS Proxy as below:Īfter doing this configuration all traffic now goes through our SSH Client and it will then direct traffic accordingly to your whitelist list. We can find the information we need on the General tab in the SSH Proxy clients Preferences shown below. We need to configure our network to tunnel traffic through the SSH Proxy Client that we have installed on our system. If it’s not I suggest you look at your SSH Account settings on the SSH Server, double check the IP address, accounts, and IP. If the connection is successful you can move on to the next step which is configuring the network settings in MacOS. It means any IP addresses or URLs that you add to the whitelist will tunnel. In the system menu bar in MacOS start the connection and test if it works, and, if you are like me who only want’s to tunnel work traffic through the SSH Proxy then apply the option to “Use Proxy Only for Sites on Whitelist” Authentication: Password for the SSH Server / VPSĬlick create and you land on the screen below:.Username: The user on your SSH Server / VPS.SSH Server: This is the IP address to you SSH server / VPS.Click the little plus sign to add an SSH server. Open SSH Proxy and go to Preferences, Server tab to configure the server settings. Going forward I’m going to use this as a client, I think other clients setup will be similar. I am using a SSH client called “SSH Proxy” to to handle the split tunnelling on my machine, it’s free and comes with whitelist and blacklist features. (I am using MacOS so I’ll walk through the steps as they were for me, sorry Windows users T_T) (We will go over configuring the VPN on the SSH Server / VPS in a later step) Enter fullscreen mode Exit fullscreen modeįirst step over! Since you successfully SSH:ed into your server using an SSH client half the work is already done.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |