Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Tunneling http/IM traffic via OpenVPN/SSH?

  • 07-07-2009 10:43am
    #1
    runswithascript
    Registered Users, Registered Users 2 Posts: 2,799 ✭✭✭


    I basically want to use the internet as normal from an offsite Windows XP PC but have a second instance of Firefox running and also Pidgin the multi protocol IM client tunnelling all their traffic over the internet through my Ubuntu box at home.

    I've read a few places that OpenVPN is the best way to go about this but SSH may be easier?

    There's an OpenVPN general guide but it's quite extensive and I'm lost in it so far. I'd been googling for a concise guide written by a user because I figured I can't be the first person wanting to do this but I didn't come up with much.

    What do you think?


Comments

  • #2
    johnciall
    Registered Users, Registered Users 2 Posts: 445 ✭✭johnciall


    i do pretty much that Via SSH it's quite straigh forward to set up


  • #3
    rmacm
    Closed Accounts Posts: 2,039 ✭✭✭rmacm


    LA3G wrote: »
    There's an OpenVPN general guide but it's quite extensive and I'm lost in it so far. I'd been googling for a concise guide written by a user because I figured I can't be the first person wanting to do this but I didn't come up with much.

    What do you think?

    If you want to go the OpenVPN route there's a bare bones guide here:

    http://openvpn.net/index.php/open-source/documentation/miscellaneous/78-static-key-mini-howto.html

    Sets up a simple point to point VPN.


  • #4
    KeRbDoG
    Registered Users, Registered Users 2 Posts: 4,274 ✭✭✭KeRbDoG


    johnciall wrote: »
    i do pretty much that Via SSH it's quite straigh forward to set up

    Very easy to do with SSH, if your using windows you can use the SSH client 'putty'

    A easy to follow guide below;
    http://www.webhostingtalk.com/showthread.php?t=539067

    Note, I think DNS calls will still stay local unless yea get your browser to forward them also - in firefox that option would show up if yea put about:config into your address bar


  • #5
    runswithascript
    Registered Users, Registered Users 2 Posts: 2,799 ✭✭✭runswithascript


    Okay well this is what I've done ubuntu side:
    laeg@skyrocket:~$ ssh 127.0.0.1 [EMAIL="laeg@xx.xxx.xx.xxx"]laeg@my.internet.ip[/EMAIL]
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
RSA key fingerprint is <left this hex out in case i'm not supposed to share it>
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added '127.0.0.1' (RSA) to the list of known hosts.
Write failed: Broken pipe

laeg@skyrocket:~$ ssh [EMAIL="laeg@my.internet.ip"]laeg@my.internet.ip[/EMAIL]
The authenticity of host 'my.internet.ip (my.internet.ip)' can't be established.
RSA key fingerprint is <left this hex out in case i'm not supposed to share it>.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'my.internet.ip' (RSA) to the list of known hosts.
[email]laeg@my.internet.ip[/email]'s password: 
Linux skyrocket 2.6.28-13-generic #45-Ubuntu SMP Tue Jun 30 19:49:51 UTC 2009 i686

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

To access official Ubuntu documentation, please visit:
[URL]http://help.ubuntu.com/[/URL]

laeg@skyrocket:~$

    And I'll use the putty guide linked when I'm next at the windows box.

    Is there anything else I need to do ubuntu side?


  • #6
    runswithascript
    Registered Users, Registered Users 2 Posts: 2,799 ✭✭✭runswithascript


    Have it sorted.

    Only ssh and ssh-server needs to be installed for the tunnel to work.

    No commands need to be entered.

    All I did was ssh to it with PuTTY on port 22 after configuring the tunnel to be dynamic on port 5555.

    I then pointed Firefox at the proxy which was 127.0.0.1

    I'm amazed at how easy it was to do once I actually knew what to do.

    I'll use it at work to get around the firewall (allowing me to view blocked sites and keep my browsing history completely private) and allow IM and also for security whenever I'm using the net in places other than my home.

    Next SSH keys, port knocking and DNS tunneling :cool:

    P.S - you can run the openssh server on a windows PC too, so windows users shouldnt be dettered.


  • Advertisement
  • #7
    Gavin
    Registered Users, Registered Users 2 Posts: 4,676 ✭✭✭Gavin


    Setup SSH keys as soon as possible. SSH dictionary attacks are a dime a dozen. Don't bother with port knocking. DNS tunneling is a good idea too alright.


  • #8
    KeRbDoG
    Registered Users, Registered Users 2 Posts: 4,274 ✭✭✭KeRbDoG


    Gavin wrote: »
    Setup SSH keys as soon as possible. SSH dictionary attacks are a dime a dozen. Don't bother with port knocking. DNS tunneling is a good idea too alright.

    Very easy in Firefox to have DNS queries to run over a tunnel - see the link below;
    http://wiki.freaks-unidos.net/weblogs/azul/firefox-ssh-tunnel#configure-firefox-to-use-the-tunnel-also-for-dns


Advertisement