User Tools

Site Tools

Trace:
using_ssh_for_connections_transfer_to_from_sdf

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
using_ssh_for_connections_transfer_to_from_sdf [2021/03/12 18:38] – [connecting to SDF from a network] hc9using_ssh_for_connections_transfer_to_from_sdf [2021/03/15 21:05] – [connecting to SDF from a network] hc9
Line 27: Line 27:
 Here we discuss some peculiarities concerning SDF and SSH. Here we discuss some peculiarities concerning SDF and SSH.
  
-==== file and directory permissions ====+=== file and directory permissions ===
  
 [[using_ssh_for_connections_transfer_to_from_sdf#ssh_public_key_authentication|Public key authentication]] will not work, if the home directory (''$HOME'') or the user's ssh directory ''$HOME/.ssh'' are world writable. Your home directory should never be world writable, anyway! [[using_ssh_for_connections_transfer_to_from_sdf#ssh_public_key_authentication|Public key authentication]] will not work, if the home directory (''$HOME'') or the user's ssh directory ''$HOME/.ssh'' are world writable. Your home directory should never be world writable, anyway!
Line 35: Line 35:
 You should look up ''chmod'' in the manpages, if you don't understand this command. You should look up ''chmod'' in the manpages, if you don't understand this command.
  
-===== special topics =====+=== special topics ===
  
-==== How to enable Port Tunneling and Why ====+===== How to enable Port Tunneling and Why =====
  
 === What is port tunneling good for === === What is port tunneling good for ===
Line 53: Line 53:
 First you need to connect to a SSL enabled SDF server: otaku.freeshell.org on port 443. First you need to connect to a SSL enabled SDF server: otaku.freeshell.org on port 443.
  
-{{http://sdf.org/tutorials/images/PuTTY1.gif?456x435|putty screenshot 1}}\\  Then you need to configure the port to tunnel on your local machine. Generally Socks proxies use port 1080 so that is a good port. Click on the Tunnels category and configure the tunnel as shown below.+{{:using_ssh_for_connections_transfer_to_from_sdf:putty1.gif?nolink|putty screenshot 1}}
  
-{{http://sdf.org/tutorials/images/PuTTY2.gif?456x435|putty screenshot 2}}\\  Click on the "Add" button and you should see the screen as listed below.+Then you need to configure the port to tunnel on your local machineGenerally Socks proxies use port 1080 so that is a good port. Click on the Tunnels category and configure the tunnel as shown below.
  
-{{http://sdf.org/tutorials/images/PuTTY3.gif?456x435|putty screenshot 3}}\\  Then go back to session and name and save the session. Click connect and the tunnel should become active.+{{:using_ssh_for_connections_transfer_to_from_sdf:putty2.gif?nolink|putty screenshot 2}} 
 + 
 +Click on the "Add" button and you should see the screen as listed below. 
 + 
 +{{:using_ssh_for_connections_transfer_to_from_sdf:putty3.gif?nolink|putty screenshot 3}} 
 + 
 +Then go back to session and name and save the session. Click connect and the tunnel should become active.
  
 === How to use the Tunnel you just enabled === === How to use the Tunnel you just enabled ===
Line 63: Line 69:
 I am now going to configure Trillian (A great multi IM chat program) to use the Tunnel. It should be obvious how to configure other applications from these screenshots. \\  First click on the "Trillian Prefernces" and select "Advanced Preferences". Select "Proxy" If you want all your chat services to use the proxy select use one setting for all services checkbox. Otherwise configure this on each service you want to encrypt over the tunnel. I am now going to configure Trillian (A great multi IM chat program) to use the Tunnel. It should be obvious how to configure other applications from these screenshots. \\  First click on the "Trillian Prefernces" and select "Advanced Preferences". Select "Proxy" If you want all your chat services to use the proxy select use one setting for all services checkbox. Otherwise configure this on each service you want to encrypt over the tunnel.
  
-{{http://sdf.org/tutorials/images/Trillian.gif?730x530|Trillian screenshot 1}}\\  Click on "Close". Now your service should be able to connect through the tunnel. Again this will encrypt all traffic from your Internet Access Point to SDF. Once it leaves SDF it will no longer be encrypted (Unless you are hitting a HTTPS page or something already encrypted). \\ \\  Technically any program that supports a Socks 4 proxy can be used with the tunnel.+{{:using_ssh_for_connections_transfer_to_from_sdf:trillian.gif?nolink|Trillian screenshot 1}} 
 + 
 +Click on "Close". Now your service should be able to connect through the tunnel. Again this will encrypt all traffic from your Internet Access Point to SDF. Once it leaves SDF it will no longer be encrypted (Unless you are hitting a HTTPS page or something already encrypted). \\ \\  Technically any program that supports a Socks 4 proxy can be used with the tunnel.
  
-==== SSH Public Key Authentication ====+===== SSH Public Key Authentication =====
  
 These instructions attempt to explain the basic concepts of SSH Public Key Authentication, what it is, and the steps required to use it. These instructions attempt to explain the basic concepts of SSH Public Key Authentication, what it is, and the steps required to use it.
Line 139: Line 147:
 You should now be able to log in using SSH Key Authentication. You should now be able to log in using SSH Key Authentication.
  
-==== connecting to SDF from a network ====+===== connecting to SDF from a network =====
  
 //... or configuring SSH clients to use a SOCKS proxy server// //... or configuring SSH clients to use a SOCKS proxy server//
Line 156: Line 164:
 This client is often supplied by universities to their students. This client is often supplied by universities to their students.
  
-  - Access the settings dialogue under "Edit -> Settings" +|**1**|Access the settings dialogue under "Edit -> Settings"| 
-  Under the "Connectionsection, make sure that the tickbox marked "Connect through firewallis checked+|**2**|Under the ''Connection'' section, make sure that the tickbox marked Connect through firewall is checked|
  
-{{http://sdf.org/tutorials/images/ssh-connection-setting.png}} //+{{:using_ssh_for_connections_transfer_to_from_sdf:ssh-connection-setting.png?nolink|}}
  
-  - Under the "Firewallsection (near the bottom of the list) enter your SOCKS proxy settings in the form of "socks://[host]:[port]Illustrated are the settings for TCD.+|**3**|Under the ''Firewall'' section (near the bottom of the list) enter your SOCKS proxy settings in the form of ''socks:[host]:[port]'' Illustrated are the settings for TCD.|
  
-{{http://sdf.org/tutorials/images/ssh-firewall-setting.png}} //+{{:using_ssh_for_connections_transfer_to_from_sdf:ssh-firewall-setting.png?nolink|}}
  
-  - Connect as normal!+|**4**|Connect as normal!|
  
 === PuTTY === === PuTTY ===
Line 171: Line 179:
 A popular free SSH client. A popular free SSH client.
  
-  - Select in the left window "Proxy" (located under the "Connection" branch) +|**1**|Select in the left window "Proxy" (located under the "Connection" branch)| 
-  Enter in your details. Illustrated are those for TCD.+ 
 +{{:using_ssh_for_connections_transfer_to_from_sdf:ssh-putty-config.png?nolink|}}
  
-{{http://sdf.org/tutorials/images/ssh-putty-config.png}} // +|**2**|Enter in your detailsIllustrated are those for TCD.| 
-   +|**3**|Connect as normal! (You may want to save these details for future use)|
-  Connect as normal! (You may want to save these details for future use)+
  
 === Commandline ssh client === === Commandline ssh client ===
Line 192: Line 200:
 Then, configure your browser to use the SOCKS proxy on "localhost" using port 9999 as shown here using Firefox: Then, configure your browser to use the SOCKS proxy on "localhost" using port 9999 as shown here using Firefox:
  
-{{http://sdf.org/tutorials/images/firefox-socks-proxy.png}}+{{:using_ssh_for_connections_transfer_to_from_sdf:firefox-socks-proxy.png?nolink|}}
  
 For additional security and privacy, configure Firefox to do remote DNS lookups rather than the default local DNS lookups. In //about:config// search for //network.proxy.socks_remote_dns// and toggle its value to //true//. For additional security and privacy, configure Firefox to do remote DNS lookups rather than the default local DNS lookups. In //about:config// search for //network.proxy.socks_remote_dns// and toggle its value to //true//.
using_ssh_for_connections_transfer_to_from_sdf.txt · Last modified: 2022/12/05 06:32 by hc9