Sometimes it becomes necessary to work from a browser (for example, firefox ) as if from another point on the network (where there is access via the ssh protocol).

  • for example, you need to work with a website that is accessible only on the local network, from the outside world. there is ssh access to the machine on this local network.
  • or when accessing a website, it is required to “pretend” working from another country (and there is ssh access to the server in this country).
  • or in the local network there is no access to the Internet at all, but there is ssh access to the machine on which connections to the Internet are allowed.

how to do all this? how to configure the browser? how to run ssh client?

    1 answer 1

    Suppose you are connecting to a server using the ssh protocol with the following command:

    $ ssh user@server

    then you will need:

    1. start the ssh client with the -D порт option, then the ssh program will listen to the specified port on the local computer and (while running) all calls to this port using the socks protocol will be relayed to the server:

       $ ssh -D 1122 user@server

      the port number here is arbitrary, but, of course, must be greater than 1024 and less than the maximum port number (most likely, it is 65536 on your system), and, of course, should not be used by any other local process.

    2. in the firefox browser on the about:config page, change the following parameters:

      1. network.proxy.type = 1 (0 - disable proxy)
      2. network.proxy.socks = 127.0.0.1
      3. network.proxy.socks_port = 1122 (the port that you specified above)
      4. network.proxy.socks_remote_dns = true (dns requests will also be sent through the tunnel)

      The above settings can be made using the "mouse" - on the page "preferences": "advanced" → "network" → "settings".

    socks settings for firefox

    to disable proxying, it’s enough to change one parameter - network.proxy.type = 0 .

    It will probably be convenient enough to have a new profile in firefox with these settings, so that they do not interfere with "normal" work. You can start firefox so that it shows the profile selection dialog, like this:

     $ firefox --no-remote -P

    you can immediately run the desired profile. for example, if you called the proxy profile:

     $ firefox --no-remote -P proxy

    most likely, similar settings can be made in other browsers. consult your browser documentation on the use of socks-proxy .