- October 1, 2012
-
Daniel Paluszek
- 2 min read
Here’s a good one courtesy of our own Tom Wilson:
Here’s a useful thing. It’s often useful for testing purposes to figure out what a network connection looks like from the client end as it’s often time-consuming or difficult to control a remote machine and check from the remote location. Instead, of struggling you can use SSH with the –D flag:
ssh –D xxxx username@customerserver.net
This will, like SSH normally does, get you command line access to the machine at customerserver.net. However, the –D flag and its numerical argument add a twist — they set up a SOCKS proxy on your machine at port xxxx, tunneling all the traffic across the SSH pipe. What this means is, as long as the ssh -D command is still running, you can set localhost:xxxx as a proxy in any application that supports it (web browser, mail client… etc.), and have all the traffic routed through customerserver.net. Great for quick diagnostics, and if you pick a port and stick with it (like, say, xxxx) you can leave your proxy settings intact and just switch which machine you SSH into. Combines well with VPNs…
A more user friendly example of use (well, for a more advanced user, that is) would be when you are on a network that blocks certain websites from access. Say your waiting for a flight and cannot access a site due to network restrictions. SSH using the D flag on port 80, 8080, or 8081 to grant http access. Use 443 for https. You can then setup the proxy in your web browser to connect to anything that isn’t restricted on the remote machine’s network. You can also open multiple terminal sessions to open multiple ports. This port proxy won’t work if your local network (say the airport) blocks your ssh port (obviously).
