

Socks Proxy over SSH – Mac/Linux HowTo

Here is the problem. You are at work or visiting your mom back in your home state and you want to get access to your home network. You could:

  • spend hours/days/years making a VPN work using a consumer-grade VPN router which, let’s face it, is a cheapo, unreliable piece of hardware.
  • buy a $500+ commercial-grade VPN appliance
  • spend hours/days/years building your own router using Linux and add a VPN server to that


OR

You can use ssh to create a SOCKS proxy.

What is a SOCKS proxy? SOCKS is an internet protocol that facilitates the routing of network packets between client-server applications via a proxy server.

The first requirement is an open SSH server. You can use ssh on your router (if it has the feature – look at OpenWRT if not) or you can forward the SSH port from a server inside your network using the router. Most routers have port forwarding, so this is the easiest solution. Make sure you set up something like DynDNS so that you don’t have to remember your IP address. Plus, most ISPs use dynamic IP addresses, so your IP will change from time to time, and DynDNS will allow that to happen without you needing to do a thing.

Now that you can ssh to your home network, you want to set up the tunnel. In the terminal, use the -D option to set the local SOCKS port. Here is an example:


ssh -D 1080 -p 22 username@homenetwork.net


In the example, 1080 is the port on which your SOCKS proxy accepts connections and 22 is the SSH port that you are connecting to. Last come your username and the host to connect to. Once you have logged in to the machine you can minimize the window.

Next, in Firefox’s Preferences -> Advanced -> Network -> Settings window, or in your computer’s network proxy settings, configure the SOCKS proxy as 127.0.0.1 port 1080.

That’s it. Now when you browse the internet, your traffic goes first to the machine you connected to via ssh. This means that you are browsing as if you were at that machine. You can then browse to local IP addresses in your home network and access those pages. For example, if your router’s status page is at 192.168.1.1/status you can type that in the URL bar and get that page. Try it.
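
An added example (not from the original post): a shell script that starts the same tunnel without an interactive shell, pins the SOCKS listener to loopback, and checks `lsof` output to confirm the port is not reachable from other machines, since the SOCKS listener itself has no authentication. Host, user and ports are the post's sample values; the function names and the sample `lsof` lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: host, user and ports are the post's sample values;
# function names and the sample lsof lines are constructed.
SOCKS_PORT=1080

# Same tunnel as above, but forwarding-only and pinned to loopback:
#   -N no remote shell, -f background after login,
#   ExitOnForwardFailure=yes: exit if the SOCKS port cannot be bound.
start_tunnel() {
    ssh -f -N -D "127.0.0.1:${SOCKS_PORT}" \
        -o ExitOnForwardFailure=yes -p 22 username@homenetwork.net
}

# Reads `lsof -nP -iTCP:<port> -sTCP:LISTEN` output on stdin.
# Succeeds only if a listener exists on <port> and every one is on loopback.
socks_bind_is_loopback() {
    awk -v port="$1" '
        $NF == "(LISTEN)" {
            name = $(NF - 1)          # e.g. 127.0.0.1:1080, [::1]:1080, *:1080
            n = split(name, part, ":")
            if (part[n] != port) next
            addr = substr(name, 1, length(name) - length(port) - 1)
            found = 1
            if (addr != "127.0.0.1" && addr != "[::1]") exposed = 1
        }
        END { exit !(found && !exposed) }'
}

# Live check against the running tunnel.
verify_tunnel() {
    lsof -nP -iTCP:"${SOCKS_PORT}" -sTCP:LISTEN | socks_bind_is_loopback "${SOCKS_PORT}"
}

# Constructed lsof lines: a default -D bind, and one opened with -g or -D "*:1080".
SAMPLE_LOOPBACK='ssh 4242 me 5u IPv4 0x0 0t0 TCP 127.0.0.1:1080 (LISTEN)'
SAMPLE_EXPOSED='ssh 4242 me 5u IPv4 0x0 0t0 TCP *:1080 (LISTEN)'

for sample in "$SAMPLE_LOOPBACK" "$SAMPLE_EXPOSED"; do
    if printf '%s\n' "$sample" | socks_bind_is_loopback "$SOCKS_PORT"; then
        echo "loopback only: $sample"
    else
        echo "EXPOSED or missing: $sample"
    fi
done
```

With the tunnel up, `verify_tunnel` returns success only when the listener is bound to loopback, and `curl --socks5-hostname 127.0.0.1:1080 http://192.168.1.1/status` fetches the router page through it with names resolved on the home side.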

Posted in Tech.

One Response

  1. scottlepich said

    The same sort of proxy can be established on a win machine via putty.
