Help connecting to SOCKS5 proxy server with Open SSH
Ben Lindstrom
mouring at eviladmin.org
Wed Mar 6 11:59:11 EST 2013
On Mar 5, 2013, at 2:21 AM, Stephen Thatcher <forumnemail at gmail.com> wrote:
[..]
> Wikipedia's knowledge of SOCKS5 protocol and proxy server connection request.
> Step 1 in the initial handshake is 'connecting' to server and including a list of authentication methods supported. I need the right commands for this. Lets say I want to connect to SOCKS5 proxy server 72.230.89.105:3816 @ hostname: cpe-72-230-89-105.twcny.res.rr.com.
> Could I enter in terminal : "ssh -2 cpe-72-230-89-105.twcny.res.rr.com"? When I do, it says ssh: connect to host cpe-72-230-89-105.twcny.res.rr.com port 22: Connection refused.
> Why is the connection being refused? Why is the connection attempting to be made on the hosts port 22?
> Lets say I connected to the SOCKS server somehow. Would the server choose not to use authentication and respond that choice to me?
> Lets say no authentication was accepted by my client and the server. Can I local forward a random port(7763) to the server with this terminal command:
> ssh -L [localhost:]7763:72.230.89.105:3816. Then would I want to enter: ssh -D [localhost:]10255. Following by setting up firefox to connect to SOCKS5 proxy server: localhost on port 7763?
You are confusing two different aspects. Ssh doesn't know how to use socks5 as a proxy method by default. It knows how to create an SOCKS5 proxy, and it has a generic "proxy" interface to allow you to call a 3rd party program to do the proxy for you. The reason for the latter is to allow people to do http proxy, or any other method of doing proxy without having to hack the ssh code for every unique proxy type.
** ssh as a socks5 proxy server:
$ ssh -D 8080 bastin.company.com
[Authenticate]
Start firefox, set SOCKS5 proxy to localhost:8080
** ssh USING a socks5 proxy server:
However, if you want ssh to use a SOCKS5 proxy you need a 3rd party packages like: http://paulbetts.org/connect-proxy.tar.bz2
And setup a ~/.ssh/config like:
Host *
ProxyCommand connect-proxy -R both -5 -S socks5.proxyserver.com:1080 %h %p
Then any attempt at using ssh will use connect-proxy to open a channel to socks5.proxyserver.com then will open a connection to the %h and try talk to it via ssh.
- Ben
More information about the openssh-unix-dev
mailing list