From: W. Trevor King Date: Wed, 15 Aug 2012 20:36:04 +0000 (-0400) Subject: Add SOCKS post. X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=9f87793f827a6d8dfd54a1df1e1db4947f8f0119;p=blog.git Add SOCKS post. --- diff --git a/posts/SOCKS.mdwn b/posts/SOCKS.mdwn new file mode 100644 index 0000000..0af84ab --- /dev/null +++ b/posts/SOCKS.mdwn @@ -0,0 +1,51 @@ +Many journal articles are not freely available, but require some kind +of Drexel subscription. Usually, they will seem free when you connect +from a Drexel IP address, but when you connect from home you have to +go through the whole rigmarole with Drexel Library's SFX doodad to get +your article. What a pain. I had previously [[SSH]] tunneled my X +server out to newton, and fired up Firefox on newton. Not much +better, since tunneling Firefox is *slow*. [w3m][] is faster, but +without good JavaScript support a lot of “modern” sites leave you +without much functionality. I discovered a neat solution courtesy of +[Carthik][]. + +You can get around the drag of forwarding X from newton, and just +forward the webpages directly by setting up a [SOCKS][] proxy with +[[SSH]]. This is done in a number of possible ways through SSH, but +the following two lines are the most common. If you want to simply +carry the connection through without a shell opening: + + $ ssh -fND localhost:9999 you@newton.physics.drexel.edu + +if you want to open a tunnel and a shell at the same time, you could run: + + $ ssh -D localhost:9999 you@newton.physics.drexel.edu + +Now port 9999 on your computer takes you to a SOCKS proxy on Newton. +Open Firefox on your home computer and set it up to use the proxy with + + Edit -> Preferences -> Advanced -> Network -> Settings -> Manual Proxy Configuration + +And enter `localhost` and `9999` in the `SOCKS Host` fields. Click +`OK` and you're done. + +For bonus points, you can also make your DNS queries from Newton by +entering + + about:config + +in Firefox's URL field, and setting + + network.proxy.socks_remote_dns + +to `true`. + +If you're tunneling your DNS queries, you can also use this method to +access services otherwise screened by intervening firewalls. For +example, I can log in from home to check the status of our lab's +[[chemical inventory|ChemDB]], but the only port our router needs to +expose to incoming connections is for SSH. + +[w3m]: http://w3m.sourceforge.net/ +[Carthik]: http://ubuntu.wordpress.com/2006/12/08/ssh-tunnel-socks-proxy-forwarding-secure-browsing/ +[SOCKS]: http://en.wikipedia.org/wiki/SOCKS