| |
SocksProxy 64 - 08 Dec 2020 - Main.JeremyLee
|
|
META TOPICPARENT | name="WebHome" |
Secure Proxy Browsing | | Once you have opened the terminal application simply enter this command "ssh -D 7070 uni@cunix.columbia.edu" where "uni" is your own UNI, e.g. abc1234. When you hit enter it will try and connect to the Columbia CUNIX cluster. Assuming your network connection is working, the next thing you see will be a message asking if you wish to accept the host key for the CUNIX machine. Hit enter to accept it and then you will be asked for your Columbia UNI and password. Log in normally and it should complete setting up the tunnel and return you to a blinking cursor with no further chatter. Now you are logged in to the CUNIX machines. From here you could run other programs on the CUNIX machines, but that would be for another lesson. For this exercise, simply leave your terminal window open and move on to step two. | |
< < | Windows users | > > | Note for Windows 10 users | | The OpenSSH? Client in Windows 10 was added in 2018. If for any reason your machine has not been updated since that time, here are instructions to download the application from Microsoft. | |
> > | Android Users
The following method for secure proxy browsing on Android mobile devices requires (1) an SSH Client with port forwarding (tunneling) capabilities, and (2) the Firefox Browser named "Firefox Nightly" There are several free SSH Clients available on Android, many of which can be found on the free, open-source Android app repository F-Droid and the Google Play Store; While this may not be the only SSH Client, ConnectBot? has worked well. Also, Firefox Nightly is currently the only version of Firefox that allows users to adjust advanced settings by typing "about:config" into the browser search bar.
ConnectBot? Instructions: Download and open the ConnectBot? app. Press the "+" symbol to create a new "host." Type "[email protected]" (without quotes) then press the "+" symbol again in the upper right corner. This will take you back to the main "Hosts" screen. Next, long press on the newly created host and press "Edit port forwards." Select "Dynamics (SOCKS) as the "Type" and change the "Source port" to "7070," then press "Create Port Forward." Navigate back to the "Hosts" page and click on your newly created host. You will be prompted to enter your UNI password and should then be connected. Next, go to "Step 2" below and read the instructions for "Firefox Nightly." | | Step 2: Tell your browser to use the secure tunnel
As part of connecting to CUNIX in step one we told ssh to set up a take an address or "port" on your local machine and forward it to the CUNIX machine that you logged into. In particular we forwarded port "7070". This created a "SOCKS proxy," between your machine's port 7070 and the Columbia computer. We now want to tell your web browser to send all its requests for websites through the proxy port. The particular way to do this depends on which browser you are using. | | Firefox is the simplest browser to use when proxying web traffic. If you are not already using it, you could consider downloading and using it specifically for proxyed connections. That way you can simply leave the proxy settings in Firefox on all the time and use whatever other browser you wish for non-proxyed web activity. | |
> > | Firefox Nightly (For Android Users)
(Steps copied from developer Tyler Burton - Step 5)
In order to make Firefox [Nightly] connect via the SSH tunnel, you'll need to modify some settings. Once you are finished the browser will only work if the SSH tunnel is connected.
In the Firefox [Nightly] address bar type "about:config" with no quotes.
In the page that loads search and modify the following values (ignore all quotes):
(search for) "network.proxy.proxy_over_tls"
--> Change to true
(search for) "network.proxy.socks"
--> Change to "127.0.0.1"
(search for) "network.proxy.socks_port"
--> Change to the SSH Tunnel Local Port set above (7070)
(search for) "network.proxy.socks_remote_dns"
--> Change to true
(search for) "network.proxy.socks_version"
--> Change to 5
(search for) "network.proxy.type"
--> Change to 1 | | Step 3: Proof
Once you have successfully proxied your web connection through the CUNIX machines you are ready to demonstrate your success here. While your browser is still proxied simply add a comment to this page saying that you are finished. The comment will look no different to you but the logs for this website, like the logs of every website, will record your IP address. If you are successfully using your new proxy all we will see is a connection from one of the CUNIX machines. Otherwise we will see exactly where else you are connecting from. |
|
|
|
This site is powered by the TWiki collaboration platform. All material on this collaboration platform is the property of the contributing authors. All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
|
|
| |