
Dynamic port forwarding using SSH, SOCKS5 and a VPS - nohostname
https://medium.com/@antoniogioia/all-you-need-to-know-about-dynamic-port-forwarding-using-ssh-socks5-proxy-and-a-linux-debian-vps-c4503921400f
======
yc1010
I recommend using "autossh" to maintain ssh tunnels, since they could be
flacky on some connections.

One day I should do a write up, but i have made an interesting setup for some
robots I made

Server (with bots) > ssh tunnel maintained by autossh > vps > tinyproxy
listening to localip and binded to open vpn connection > sending traffic on
via an openVPN connection to random server (purevpn) in US

I even made scripts to periodically check status of the remote vpn status on
the vps and reconnect if they went down

tl.dr:

Server > VPS with tinyproxy/openvpn > VPN Provider ips > Internet

I could probably do it all on same server but its handy being able to switch
off the vps (and hence not pay for resources) when not in use and keeping
things separate

~~~
nohostname
thanks for suggesting autossh ;)

------
gruez
I'm sorry, but what's the point of this? Most of it is basic linux ssh setup,
and the rest is running

    
    
        ssh -D 8080
    

Most of the setup isn't even required. SSH forwarding works out-of-the box for
the vps provider I'm using.

~~~
nohostname
sure it works, if you are happy with default configurations. the article gives
informations on how things works and how to improve security

------
joshbaptiste
I Just use foxyproxy in Firefox or Chrome for fast proxy switching, good write
up overall, never heard of "ufw" iptables friendlier frontend script, I will
try it out.

~~~
nohostname
iptables can be scary (for beginners), ufw makes it easy but is still better
to know how to handle routes with iptables imho

------
gopalv
ssh -D is half the story of the problem, particularly with socks5a DNS over
it.

I'm becoming a bigger fan of sshuttle, everytime I need to use it.

Mostly by running SSH over the proxies using a CONNECT string (corkscrew) or
using a ssh proxy-command to hop once over out of a DMZ.

Those combinations & composability of ssh is what makes it so much more useful
inside a limited network.

~~~
nohostname
i have to look into sshuttle, i heard it's good

------
EugeneOZ
Instead of this wall of text I use Viscosity+pritunl vpn on gce. 5-clicks
setup and works fine.

~~~
nohostname
well the article is actually about a couple of commands but to explain them in
details you need some more text. once you got to know how it works you can
improve further and use other software like you do

