Re: sftp sources?
Sam Halliday wrote:
[ftp/http is bandwidth limited on university network, ssh isn't limited]
[idea: tunnel ftp/http via ssh and a remote friendly proxy]
>interesting,
>
>ok, i think this could work, ill try to set it up for them on my
>machine to see, for now. anyone got any hints where i can read up about
>setting this kind of thing up? i've never done anything like this
>before, nor have i ever heard of it!
Here are some good resources:
http://www.rzg.mpg.de/networking/tunnelling.html
http://www.afp548.com/Articles/security/ssh-tunnels.html
But i'll try to explain what's on my mind:
Once you have a proxy working on your machine (say, squid on port 8000),
and an account made for your pals to ssh-in, you tell your them to do
something like this:
$ ssh -L 8000:localhost:8000 -fNC yourpalsaccount@yourmachine.isp.tld
(you can read ssh's manpage to understand all the options here)
And they should have lines like these in their /etc/apt/apt.conf:
Acquire::http::Proxy "http://localhost:8000";
Acquire::ftp::Proxy "http://localhost:8000";
Of course, if the connection goes down for whatever motive, they'll
have to re-establish the tunnel. There are some tools to automate this
(autossh for example), but then you'll need some public-key
authentication going on to avoid entering the password every time.
HTH,
--
Cristian Gutierrez http://www.dcc.uchile.cl/~crgutier
crgutier[@]dcc.uchile.cl Jabber:crgutier@jabber.org
Get with the program, jeffrey. No one is "wrong" on Usenet. They are
either 100% totally correct, or they are "a lying, scum sucking weasel."
There is no in between. -- Garrett Johnson, in talk.politics.misc
Reply to: