An example:
I am trying to use PuTTY to create an SSH tunnel from my laptop to my server (for the purposes of this example MyServer.com:22). Port 22 is enabled on the router between MyServer.com and the Internet.
MyServer.com is running a Privoxy HTTP Proxy on the default port of 8118. Port 8118 is not enabled on the router.
When I create a tunnel from a local port on my laptop, say 3500, to MyServer.com:22, and then configure my web browser to use localhost:3500 as a Proxy, I do not get web pages appearing in my web browser – instead, I get a line of text from OpenSSH describing the version number of the software in the web browser.
I have seen (and not fully understood) references to SOCKS and the ProxyCommand keyword in the sshd_config OpenSSH file. Am I able to utilise one/both of these in order to create a tunnel to MyServer.com:22 which serves web pages, or is it absolutely necessary that the HTTP Proxy on MyServer.com:8118 is exposed to the Internet?
Answer
It's because you're using the local port forwarding technique:
$ ssh -L 3500:yourserver.com:22 user@yourserver.com
This command allocates a socket to listen on port 3500 on your laptop. And when you configure the browser to use localhost:3500 as a proxy, web traffic is forwarded over the secure channel, and a connection is made to yourserver.com:22, and in fact, you're telnetting to your server, which is why you get the SSH version:
SSH-2.0-OpenSSH_4.3
Protocol mismatch.
You probably want to use dynamic port forwarding instead:
$ ssh -D 3500 user@yourserver.com
This technique uses the application protocol to determine where to connect to from your server.
Don't forget to configure your web browser to use SOCKS Host, not HTTP Proxy.
Attribution
Source : Link , Question Author : 8bitjunkie , Answer Author : quanta
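Added example (not part of the original question or answer): a Python sketch contrasting the two forwarding modes discussed above. With -L the destination is fixed in the forwarding spec, while with -D it is parsed from each SOCKS5 CONNECT request, so a client still set to "HTTP Proxy" is rejected. The function names and sample bytes are constructed for illustration, and the SOCKS5 method-negotiation greeting is omitted.

```python
import ipaddress
import struct


def local_forward_target(spec):
    """ssh -L 'listen_port:host:port': the destination is fixed when the tunnel starts."""
    _listen_port, host, port = spec.split(":")
    return host, int(port)


def socks5_connect_target(request):
    """ssh -D: the destination is read from each SOCKS5 CONNECT request (RFC 1928).
    Assumption: the method-negotiation greeting has already been exchanged."""
    if len(request) < 5:
        raise ValueError("truncated SOCKS5 request")
    version, command, _reserved, addr_type = request[:4]
    if version != 5:
        raise ValueError("not SOCKS5; is the client set to HTTP proxy instead of SOCKS?")
    if command != 1:
        raise ValueError("only CONNECT (0x01) is handled in this sketch")
    if addr_type == 1:        # IPv4: 4 raw bytes
        addr_len, offset = 4, 4
    elif addr_type == 3:      # domain name: 1 length byte, then the name
        addr_len, offset = request[4], 5
    elif addr_type == 4:      # IPv6: 16 raw bytes
        addr_len, offset = 16, 4
    else:
        raise ValueError("unknown address type %d" % addr_type)
    end = offset + addr_len
    if len(request) < end + 2:
        raise ValueError("truncated SOCKS5 request")
    raw = request[offset:end]
    host = raw.decode("ascii") if addr_type == 3 else str(ipaddress.ip_address(raw))
    (port,) = struct.unpack("!H", request[end:end + 2])
    return host, port


# Constructed sample inputs (not captured traffic).
NAME = b"example.org"
SOCKS_DOMAIN = b"\x05\x01\x00\x03" + bytes([len(NAME)]) + NAME + struct.pack("!H", 80)
SOCKS_IPV4 = b"\x05\x01\x00\x01" + bytes([192, 0, 2, 10]) + struct.pack("!H", 443)
HTTP_PROXY_REQUEST = b"GET http://example.org/ HTTP/1.1\r\nHost: example.org\r\n\r\n"

if __name__ == "__main__":
    print(local_forward_target("3500:yourserver.com:22"))  # always the SSH port
    print(socks5_connect_target(SOCKS_DOMAIN))             # chosen per request
```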