Non-transparent proxies are generally a complete nuisance at the best of times and huge consumers of time and IT resources at their worst. Sadly proxies are a popular feature in corporate IT networks, so it’s not always possible to avoid them entirely.
Ideally the administrators will have the HTTP/S proxy running transparently, so that users never need to know or configure proxy settings for browsers or other HTTP using applications.
Unfortunately some networks also make use of SOCKS proxies, to block all outgoing TCP and UDP connections unless otherwise authorised. Whilst the feature set of SOCKS is very similar to a firewall, unlike a firewall it’s not network transparent and your applications need to be aware of it and configured to use it.
There’s a lot of information on the web about configuring SSH to *create* a SOCKS proxy, but not a lot about how to use SSH *via* a SOCKS proxy. Because I don’t want to waste any more minutes of my life on the mind-numbing pain that is proxies, the following is the easy command to open an SSH connection through a proxy server:
ssh -o ProxyCommand='nc -x myproxyserver.example.com:1080 %h %p' \ targetsshserver.example.com
Commenting to celebrate the new post..
How’s life?
Hehe, yeah its been a while since I last posted an update…. just been so busy lately, I haven’t had a chance to post an update :-(
Things are good, work is interesting, etc… looking forwards to my next visit home however
Check out sshuttle as well, for not having to use SOCKS proxies per app..
Thank you for mentioning sshuttle! I had no idea this existed for the past 2-3 years
On Windows, there are tools like ProxyCap that can tunnel all traffic/specific apps through proxy.
Thanks a lot! Spent some time on searching. This one is the simplest!
Can you make the DNS resolution go though the SOCKS5 proxy? In case that’s blocked too or I don’t want to give away my position.
OK, nc -X should do it.
Tanks.
Thanks man, right to the spot!
Many thanks! Saved me a lot of time not having to configure OpenVPN for the few times I work from a remote location.
Thanks for this! You simply find just tutorials how to create a SOCKS PROXY via your SSH to tunnel that shady website from your Workplace to your DSL line at home…