15 July 2013

476: Rehash: using a browser proxy via tunnel, through a router and with reverse ssh

I may have covered this at some point, but if so, I can't find the post.

Here's the situation:
You have a linux computer at work, which is behind a corporate firewall.
You have a router at home which runs an ssh server (e.g. running tomato).
You have a computer at home, which sits behind the router above.
You want to browse from home using the corporate network

In my case it's a little bit different -- I want to make a change to the router my office network (I have my own office) sits behind, and the easiest way to do that is by logging onto that router via http (it's a stock netgear router).

How to:
First, at work, connect to your home router using reverse ssh, so that all traffic on port 19999 on the router gets sent to port 22 on your work computer:
ssh -R 19999:localhost:22 root@myhomerouter

Later, at home, forward all traffic to port 8989 on your home computer to localhost:19999 on your router (which then gets sent to port 22 on your work computer):
ssh -L 8989:localhost:19999 root@192.168.2.1

We've assumed that the router sits on 192.168.2.1 from inside the LAN. Localhost here refers to your home computer, while localhost in the command before that refers to the router.

Then, in a different terminal, open a proxy through port 8989:
 ssh -D 8888 me@localhost -p 8989

Finally, you can now edit your browser/network settings to use a SOCKS proxy on port 8888 like you would with any other proxy.

No comments:

Post a Comment