Home / ubuntu / Questions / 45075
Accepted
Oxwivi
Asked: 2011-05-26 01:57:58 +0800 CST

How do I route my internet through a SSH tunnel?

  • 772

Old Q How do I setup an OpenVPN server without root privileges?

Is there a way to setup an OpenVPN server without root privileges? E.g. with configuration files in my home directory? If yes, how do I set it up?

I'm trying to SSH into a system and set up an OpenVPN server over there for personal use.

EDIT

Since it's apparent that OpenVPN needs root privileges, I am changing the question to routing my internet using SSH which I can easily set up.

networking

3 Answers

  1. Best Answer

    sshuttle is a transparent proxy server that forwards over a SSH connection and sets up a proxy by running Python scripts on the remote server. sshuttle can be run under the following conditions:

    • client machine or router is Linux-based, FreeBSD or Mac OS
    • administrative privileges on client
    • access to remote network via SSH
    • no administrator privileges on remote network
    • availability of Python on remote server

    Install sshuttle enter image description here from the Software Center or the Terminal:

    sudo apt-get install sshuttle

    The basic command for running sshuttle with routing all traffic is:

    sshuttle -r username@sshserver:port 0/0

    Upon the execution of the command, a sudo password prompt will appear and subsequently the password to SSH account. No other details will appear except for a short message and return to shell upon failure. For more status messages, run sshuttle in verbose mode with the -v flag.

    In this example all internet traffic except DNS is routed through the VPN. -r flag denotes the remote hostname and optional username and port that follows in the above example. 0/0 is short for 0.0.0.0/0 that represents the subnets to route over the VPN. The usage of 0/0 routes all the traffic except DNS requests to the remote server. DNS tunelling is possible with the usage of -H flag.

    Please read the man page (man sshuttle) for the details of options and modes under which sshuttle can run. For information about the concept and more examples, refer to the project page.

    • 34

  2. You cannot setup OpenVPN without root privileges because certain operations requires it.

    • Prerequisites: you need to enable packet forwarding in your (iptables?) firewall
    • Adding devices in operation: a special virtual device has to be added using ifconfig. Otherwise, no communication is possible between the server and client

    Depending on your needs, other solutions are available. For browsing through your server, you may set up a SOCKS server.

    SOCKS proxy

    Setting up a SOCKS proxy is not difficult: it's built-in in OpenSSH. To enable the SOCKS server, run the next command in a terminal:

    ssh user@host -D1234

    Replace 1234 by your preferred port. In your browser, you can enter localhost as host and 1234 as port at SOCKS4/5 server.

    Below is an example in the Firefox browser:

    1. Go to Edit -> Preferences
    2. Open the Advanced section
    3. Go to the Network tab
    4. Press Settings
    5. Select Manual proxy configuration
    6. Enter localhost as SOCKS Host
    7. Enter 1234 as port (the same port as specified in the SSH command)
    8. Press OK and Close to close the preferences dialogs.

    FIrefox setup example

    • 18

  3. If you only want to tunnel your systems TCP traffic i recommend to use a programm called tun2socks. If you also want to tunnel UDP traffic you have to install udpgw on your server.

    Here is an tutorial how to install and use this programms: http://board.nwrk.biz/viewtopic.php?id=3

    • -1