Re: Some routing advice (connecting through SSH)

To: Dan Christensen <jdc@uwo.ca>
Cc: debian-user@lists.debian.org
Subject: Re: Some routing advice (connecting through SSH)
From: Adam Warner <lists@consulting.net.nz>
Date: 26 Oct 2001 15:05:20 +1300
Message-id: <[🔎] 1004061921.7936.63.camel@work>
In-reply-to: <[🔎] 87ofmv6yru.fsf@uwo.ca>
References: <[🔎] 1004007296.1581.33.camel@work> <[🔎] 20011025153412.A4465@emac140.socio.gu.se> <[🔎] 87ofmvwoa1.fsf@uwo.ca> <[🔎] 87ofmv6yru.fsf@uwo.ca>

On Fri, 2001-10-26 at 13:16, Dan Christensen wrote:
> Dan Christensen <jdc@uwo.ca> writes:
> 
> > Hans Ekbrand <hans@sociologi.cjb.net> writes:
> > 
> >> On Thu, Oct 25, 2001 at 11:54:56PM +1300, Adam Warner wrote:
> >>> I want to route some traffic though a remote computer (R) to my home
> >>> computer (H). 
> > 
> > [web traffic]
> > 
> >> Another way of doing it, a bit more unsecure maybe, would be to
> >> install a proxyserver on R and only accept connections from H.
> > 
> > Yes.  For example, just install junkbuster or webwasher on R,
> > and set your browser on H to use R as a proxy.  I've done this
> > (for the same reasons as the original poster) several times.
> 
> I should have said that this can be combined with ssh port
> forwarding.  You have ssh forward H:1234 to R:5678, run a 
> proxy on R listening on 5678, and set your browser to use
> H:1234 as a proxy.

Thanks Dan. I'm beginning to understand this all now.

Here are three very good pieces of information:

http://www.webtechniques.com/archives/2000/09/webm/

In particular the "Port Forwarding" section.

And these two answers:

http://plaguesplace.dyndns.org/proxy-elites-faq/x89.html
http://plaguesplace.dyndns.org/proxy-elites-faq/x97.html

A Debian package search using apt-cache search has turned up this
excellent choice of proxy server: 

tinyproxy

Description: A lightweight, non-caching, optionally anonymizing http
proxy

 An anonymizing http proxy which is very light on system resources,
 ideal for smaller networks and similar situations where other proxies
 (such as Squid) may be overkill and/or a security risk. Tinyproxy can
 also be configured to anonymize http requests (allowing for exceptions
 on a per-header basis).

OK I think I understand this now. I install tinyproxy and configure it
to a port (I've set it up securely so that only localhost can access the
proxy). I then use ssh -L to tunnel the proxy traffic to my home
machine. And I set up my web browser to access the appropriate localhost
port (when I want to be able to access the appropriate resources).

Using Lynx I have been able to verify that the proxy is working (by
setting the http_proxy environment variable). I haven't worked out the
correct format of ssh -L yet, but I'm sure I'll figure that out.

I'm very pleased with this solution. It appears to be extremely secure.

Thanks all,
Adam

Reply to:

Follow-Ups:
- Success: Some routing advice (connecting through SSH)
  - From: Adam Warner <lists@consulting.net.nz>

References:
- Some routing advice (connecting through SSH)
  - From: Adam Warner <lists@consulting.net.nz>
- Re: Some routing advice (connecting through SSH)
  - From: Hans Ekbrand <hans@sociologi.cjb.net>
- Re: Some routing advice (connecting through SSH)
  - From: Dan Christensen <jdc@uwo.ca>
- Re: Some routing advice (connecting through SSH)
  - From: Dan Christensen <jdc@uwo.ca>

Prev by Date: Re: Apt preferences (was Re: apt question)
Next by Date: Re: X can't init font path elements?
Previous by thread: Re: Some routing advice (connecting through SSH)
Next by thread: Success: Some routing advice (connecting through SSH)
Index(es):
- Date
- Thread