
This is just a reference guide to accomplish a ssh tunnel and I'm assuminig that you already know what a ssh tunnel is. Otherwise take a read at wikipedia: http://en.wikipedia.org/wiki/Tunneling_protocol and google a little bit :)
Create an ssh server in Windows:
Let's first create a ssh server in windows (I have tested that it works fine with win 7)
- In you window machine download and install FreeSSHd: http://www.freesshd.com/?ctt=download .
- Run the executable and install it into your windows computer. Let the installer creates the required keys. (do not install it as a service, because when you will need it, you will run it by yourself.. right?).
- Launch the program: start->freesshd->freesshd. after the icon tray appears, right click it and press settings.
If you experience problems with the windows UAC, run it as administrator. - Make sure that the ssh server is running under the server status tab.
- Click the Tunneling tab and flag as following:
Allow local port forwarding = yes
Allow remote port forwarding = yes - Under Users tab, click Add and create a sample user as following:
Login: test
Authorization Pasword stored as SHA1 hash
Password: test
User can use:
-SSH = yes
-Tunneling = yes - Click OK to save and close the window.
To make sure that your SSH server works, download
putty and try to connect. You should connect to localhost at port 22 and when the login is prompted just use username "test" and set the password to "test".
Create an ssh server in Linux:
- install openssh-server :)
if you are using Debian as me, just type apt-get install openssh-server as root - make sure that you can ssh to it with a valid login
Create the tunnel
I will describe how to create the tunnel in linux, because my primary laptop is a Debian box. If you are using windows, there are so many guides over the net... just try to figure out how to do that with Putty.
Port Fordwards
You will forward all your local request to your ssh server
ssh user@yourSshServer -L LocalPort:remoteAddressToReach:RemotePortToReach -N
Let's see in details:
user@yourSshServer : is the user that will be used to connect to the ssh server. If you have created the ssh server in windows, just use test@yourWinIpCompuer
-L creates the port forwarding
-LocalPort:RemoteAddressToReach:RemotePortToReach means:
-LocalPort: you are making the port forwarding from your local port 9999 (localhost:9999)
-RemoteAddressToReach: the address you want to reach
-RemotePortToReach: the remote port you want to reach
-N prevents running command through ssh
So if you want to RDP (Remote Desktop) a server named sampleserver.com you will run:
ssh test@sshServerIp -L 9999:sampleserver.com:3389 -N
Now I can connect and rdp the server using localhost:9999
SOCKS Proxy
Unfortunalty this is not possible if you want to use your ssh server for browsing the web, because most of websites replies on specifics host headers as defined in the http 1.1 protocol.
What you need here is to set up a local socks server which will translate every http request.
ssh user@yourSshServer -D localhost:9999 -N Let's see in details:
user@yourSshServer : is the user that will be used to connect to the ssh server. If you have created the ssh server in windows, just use test@yourWinIpCompuer
-D localhost:9999 binds the socks proxy on local port 9999
-N prevents running commands through ssh
Once you have launched this command, open your browser and configure to use the socks proxy.
In firexfox go under Edit -> Preferences -> Network -> Settings:

And you are done!