60. How do I use port forwarding and SOCKS-proxy in SSH?
Let us assume that there is a service on a server listening to a local port 8787.
Port forwarding using PuTTY in Windows
"c:\Program Files (x86)\PuTTY\putty.exe" -L 8787:localhost:8787 youraccount@server.department.uu.se
PuTTY can of course also be configured using the GUI.
Port forwarding using OpenSSH in Linux and macOS
ssh -L 8787:localhost:8787 youraccount@server.department.uu.se
SOCKS-proxy using PuTTY in Windows
Also be aware that you can use PuTTY and OpenSSH as a SOCKS-proxy which can be used to access arbitrary ports."c:\Program Files (x86)\PuTTY\putty.exe" -D 9999 youraccount@server.department.uu.se
SOCKS-proxy using OpenSSH in Linux and macOS
ssh -D 9999 youraccount@server.department.uu.se
Acessing the SOCKS-proxy from the web browser
Let your web browswer be configured to use this SOCKS-proxy.Firefox is configured in Preferences, General and Connection Settings like this:
Chrome can be started with the SOCKS-proxy as a command line argument. This example is in macOS:
open /Applications/Google\ Chrome.app --args --proxy-server="socks5://localhost:9999"
Will it work?
Then start the web browser and go to a web page which displays where you are connecting from.
It looks like you right now are using IP 44.200.40.195 but you can go to What is my IP-address and MAC-address? in this FAQ or perhaps www.whatismyip.com.
In the screenshot to the right I have connected to UPPMAX over SSH and proxied my browser via that server.
This can be useful for working with the Bianca system (see step 2). Please note that you are personally responsible for fullfilling any security requirements required for your local computer, your work process or how you access the data.
Here is an example on how to on macOS connect to Bianca at UPPMAX
graphically with Chrome. The first command opens a SOCKS-proxy on
Rackham via SSH but do not run any command and put the process in the
background. The second command start Chrome and uses that proxy.
ssh -D 8888 rackham.uppmax.uu.se -N -f open /Applications/Google\ Chrome.app --args --proxy-server=socks5://localhost:8888 https://bianca.uppmax.uu.se
Please note that using a SSH Proxy like this will not protect your
local IP from the web server due to how WebRTC is leaking the local
IP. This do not protect against DNS leaks either.