https://help.ece.ubc.ca/mediawiki/index.php?title=How_To_Tunnel_Connections_Through_SSH&feed=atom&action=historyHow To Tunnel Connections Through SSH - Revision history2024-03-29T12:29:05ZRevision history for this page on the wikiMediaWiki 1.34.2https://help.ece.ubc.ca/mediawiki/index.php?title=How_To_Tunnel_Connections_Through_SSH&diff=58&oldid=prevJazminl: New Page2009-05-15T23:07:41Z<p>New Page</p>
<p><b>New page</b></p><div><!--Originally written by: Derek Poon--><br />
<!--Originally written on: 2008-Jan-11--><br />
<br />
==Background==<br />
The ECE firewall secures the ECE network from hostile Internet traffic.<br />
SSH tunneling is one way to work around some of the limitations imposed by the<br />
firewall. (Another method to tunnel through the firewall is to use<br />
[[How To Use VPN|pool-based VPN]].)<br />
<br />
Although SSH is commonly used as a terminal to obtain a remote shell prompt,<br />
it can also be used for web browsing and running X applications.<br />
<br />
<br />
==Instructions for Unix / Linux / Mac OS X Clients==<br />
Linux, Mac OS X, and most Unix workstations come with<br />
[http://www.openssh.com/ OpenSSH] already installed. You can specify which<br />
ports to tunnel using the ''-D'', ''-L'', ''-X'', and ''-Y'' options. For<br />
example:<br />
<br />
<pre><br />
ssh -D1080 -L1706:service:1706 -L1711:service:1711 -X ssh.ece.ubc.ca<br />
</pre><br />
<br />
* '''''-D1080''''' Sets up a SOCKS proxy on port 1080, which is useful for web browsing. (If you then configure your web browser to use a SOCKS proxy on ''localhost'', port 1080, then your web browsing requests will appear to originate from ''ssh.ece.ubc.ca'' instead of from your machine.)<br />
* '''''-L1706:service:1706''''' Forwards a local TCP port. With this forwarding in place, you can connect to ''service.ece.ubc.ca:1706'' by connecting to port 1706 of your workstation instead.<br />
* '''''-X''''' Forwards X11 connections. With X11 forwarding, you could for example run ''xclock'' on ''ssh.ece.ubc.ca'' in the SSH session and have the application displayed on your workstation.<br />
<br />
<br />
==Instructions for Windows Clients==<br />
First, install and launch PuTTY (see [[How To Use SSH]]).<br />
<br />
At the first screen, enter the host to connect to (the host that your<br />
connections will tunnel through).<br />
<br />
[[Image:SshTunnel_PuTTYSession.png]]<br />
<br />
The tunnels are configured on the ''Connection'' > ''SSH'' > ''Tunnels'' pane.<br />
<br />
To set up a SOCKS proxy on port 1080, enter ''1080'' as the ''Source port'',<br />
select ''Dynamic'', then click ''Add''. (If you then configure your web<br />
browser to use a SOCKS proxy on ''localhost'', port 1080, then your web<br />
browsing requests will appear to originate from ''ssh.ece.ubc.ca'' instead of<br />
from your machine.)<br />
<br />
[[Image:SshTunnel_PuTTYTunnelSOCKS.png]]<br />
<br />
To set up a tunnel such that connections to port 1706 on your machine<br />
end up as connections to port 1706 on ''service.ece.ubc.ca'', enter ''1706''<br />
as the ''Source port'', ''service.ece.ubc.ca:1706'' as the ''Destination'',<br />
select ''Local'', then click ''Add''.<br />
<br />
[[Image:SshTunnel_PuTTYTunnelLocal.png]]<br />
<br />
[[How To Display X Applications On Windows|X11 tunnels]] may be configured through<br />
the ''Connection'' > ''SSH'' > ''X11'' pane.<br />
<br />
When you are done configuring the tunnels, click ''Open'' to start the SSH<br />
session and activate the tunnels. Before you do so, you may wish to go back<br />
to the ''Session'' pane to save the configuration.<br />
<br />
<br />
==See Also== <br />
* [[How To Use SSH]]<br />
* [[How To Use VPN]]</div>Jazminl