This series is written by a representative of the latter group, which is comprised mostly of what might be called "productivity users" (perhaps "tinkerly productivity users?"). Though my lack of training precludes me from writing code or improving anyone else's, I can, nonetheless, try and figure out creative ways of utilizing open source programs. And again, because of my lack of expertise, though I may be capable of deploying open source programs in creative ways, my modest technical acumen hinders me from utilizing those programs in what may be the most optimal ways. The open-source character, then, of this series, consists in my presentation to the community of open source users and programmers of my own crude and halting attempts at accomplishing computing tasks, in the hope that those who are more knowledgeable than me can offer advice, alternatives, and corrections. The desired end result is the discovery, through a communal process, of optimal and/or alternate ways of accomplishing the sorts of tasks that I and other open source productivity users need to perform.

Tuesday, November 18, 2014

Miscellaneous Tuesday quickies: creating and using ssh tunnels/proxies

This entry will concern tunneling so as to get around port-blocking restrictions. It's something I learned about some years ago, but had a difficult time wrapping my head around it. While I can't say I understand it a whole lot better now, I can at least say that I've been able to get it working.

In my case it was needed because I've been working in a library whose wifi network is set up to block a variety of non-standard ports. That's a problem for me since I run my (command-line) e-mail client on a home computer, and I connect to that computer via ssh--which, in turn, runs on a non-standard port. So, when I work in this library, I am unable to connect to my home machine to do e-mailing. There are also occasional problems with sites being blocked on this network (and, no, I'm not rying to view porn).

For this to work, one must have access to some machine outside the wifi network that runs ssh on port 443. I happen to have a shell account with a service that has just such a set-up.

In my case, then, I can set up the tunnel as follows:

ssh -L localhost:1234:my.dyndns.url:12345 -p 443 my-user@my.shellacct.net.

I am asked for my password, then logged into my shell account, and the tunnel is thus opened.

Then, to connect to ssh as running on my home machine, I simply issue

ssh -p 1234

To get around the occasional page blocking I've run into, I first downloaded a browser I will dedicate to this task--namely, qupzilla. Then, I need to set up a socks proxy, which is done via ssh, like so:

ssh -D 8080 my-user@my.shellacct.net -p 443

After that, it's a matter of configuring qupzilla (or your preferred browser) to route web traffic over the socks proxy you've just created. That's done by going to Edit > Preferences > Proxy Configuration, ticking the Manual configuration radio button, selecting socks5 from the drop-down menu, then entering localhost into the first field next to that and 8080 in the Port field. Click Apply and Ok, and qupzilla will be set to route its traffic over your proxy, thus avoiding the blocks instituted by the wifi network.

With this basic information, it should be clear how other sorts of ssh tunnels and/or proxies could be set up.