[ubuntu-uk] Little project

Jim Price d1version at hotmail.com
Sat Oct 16 00:38:39 BST 2010


On 15/10/10 23:26, Daniel Case wrote:
> Hi guys, I have a little project to do so that i can access my email and
> some other websites from college, it has a web filter so blocks such things
> which is annoying in 2 hour long 'free' periods. If I didn't have a web
> server running this would be quite simple, but sadly things are never as
> simple as they can be. I can use puTTy from college so would like to use X11
> forwarding with SSH.
>
> I have tried a direct connection but it timed out, I then learnt that the
> only port 80 connections can get out. What I am therefore trying to do is
> set up the web server so that any requests it receives on port 80 from a
> certain IP gets forwarded to port 22 and i should then be able to log in
> through SSH with X11 forwarding and bring up firefox. I have heard this is
> possible with Iptables?
>
> This is technically against my college IT ToS, but my computing tutors have
> said they will turn a blind eye if I manage to do it.

Is your web server at home behind a router? If so, I would find out if 
they have left any other ports open. Port 8080 would be a good bet, as a 
number of real web sites use that as an alternative to port 80. You can 
find one to test that out by Googling for "website on port 8080" 
(without the quotes there is one on the first hit). Port 443 is the 
default port for HTTPS, which you could use if your web server doesn't 
do any HTTPS - easy to check if that is open by trying 
https://www.google.com.

All you then need to do is set up the port forwarding on your router to 
take incoming requests on port 8080 (or 443) and forward them to port 22 
on your server you want to ssh to, then you can ssh into your home box 
by adding :8080 (or :443) to the IP address or name of your home 
connection. You need to make sure you secure your ssh access if you are 
going to make it available via the internet too - just a username and 
password is a bit weak even though you are on a non-standard port. 
Setting the ssh server up so that connections from the internet require 
a key with a passphrase should be enough.

Also, rather than trying to run Firefox using X11 forwarding, it would 
be a lot faster to just use the ssh connection as a socks proxy. That 
way you aren't sending screen update information back from your home 
server, just web browsing data.

It is also possible I haven't understood exactly what you are trying to 
do, of course. It is getting a bit late here.

-- 
JimP




More information about the ubuntu-uk mailing list