An example:
I am trying to use PuTTy to create an SSH tunnel from my laptop to my server (for the purposes of this example MyServer.com:22). Port 22 is enabled on the router between MyServer.com and the Internet.
MyServer.com is running a Privoxy HTTP Proxy on the default port of 8118. Port 8118 is not enabled on the router.
When I create a tunnel from a local port on my laptop, say 3500, to MyServer.com:22, and then configure my web browser to use localhost:3500 as a Proxy, I do not get web pages appear in my web browser – instead, I get a line of text from Open SSH describing the version number of the software in the Web Browser.
I have seen (and not fully understood) references to SOCKS and the ProxyCommand keyword in the sshd_config OpenSSH file. Am I able to utilise one/both of these in order to create a tunnel to MyServer.com:22 which serves web pages, or is it absolutely neccessary that the HTTP Proxy on MyServer.com:8118 is exposed to the Internet?
Best Answer
It because you're using the local port forwarding technique:
This command allocates a socket to listen to port 3500 on your laptop. And when you configure the browser to use
localhost:3500
as a proxy, web traffic is forwarded over the secure channel, and a connection is made toyourserver.com:22
, and in fact, you'retelnet
ing to the your server, it's why you get the SSH version:You probably want to use dynamic port forwarding instead:
This technique uses the application protocol to determine where to connect to from your server.
Don't forget to configure web browser to use SOCKS Host, not HTTP Proxy.