Windows – Using an SSH tunnel to browse the web

httpport-forwardingputtyssh-tunnelwindows

The setup:

A windows workstation with Full admin rights.
A very restrictive http proxy, which, however, accepts connection towards port 80 and port 443 only.
A linux box on the internet I have complete control of.

Currently, what I do, which is working:

The linux box run sshd, listening on port 443.
In putty, I can connect to the linux box simply by configuring in the proxy configuration panel the proxy as an HTTP proxy.

What I would like to achieve:

Run a browser, on my Windows box and, by using some kind of ssh tunnel, browse the web without any limitations.

I believe this is called proxy bouncing, or something like this. But I must admit, that I am a bit lost.

From what I understood, I would have to configure a tunnel into putty, listening on port 8889 on the windows box for example.
I would then be able to configure the browser to use a proxy located at localhost:8889

The moment where things are becoming blurry is now.

On the linux box, I would have to configure a ProxyCommand in the SSH config file or something like that to do Port Forwarding ?
In addition, would I have to run a proxy like squid on the linux box ? Some kind of tutorial I found describe a setup with Apache:

Or am I completly in the wrong direction and do I have to run ProxyTunnel both on the windows and linux box ?

Thanks for your help.

Edit: Actually, the question is more: What do I have to do on the linux side of the tunnel

Best Answer

There are two parts to getting this to work, so I'll address them seperately.

Connecting to your Server:

As you've mentioned that all you can talk to is a proxy on 443 and 80, you'll need to tunnel your SSH connection out through the proxy. You do that by telling Putty to use the proxy server to connect. Under the 'proxy' menu. Select HTTP and then enter the details for the corporate proxy.

From your post, it seems like you've got the connection working fine.

Configure Putty to Create a SOCKS proxy on the local machine

Both putty and OpenSSH support opening a SOCKS proxy. For OpenSSH you'd use:

ssh -D <port>

And then point your browser at that port. In putty you create a 'dynamic' port forward. You'll find it under the Tunnels menu. Enter your desired listening port and then enter anything you like as a destination (it gets ignored for dynamic forwards). You can then point your browsers proxy settings at that localhost:<port> and it should work.

For more information, the relevant part of the putty documentation is at http://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter3.html#using-port-forwarding.

As others have posted you may not want to circumvent the corporate filtering though as it's not something you may want to explain :).

Best Answer

Related Solutions

Firewall – Running multiple services on Port 443, Tunnel SSH over HTTPS

How to setup an ssh tunnel to an internal network’s web server from outside the internal network using Putty

Related Topic