

Tunnel SSH over DNS

If you are on a network where you don't have access to a proxy, or you have to pay for one, it might still be possible to get free internet access, albeit at modem (~56kbit) speeds.


1. You must be able to join the network and perform DNS lookups. For example:
ping server.com
Pinging server.com [] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.

If the name correctly resolved to the IP of your server, you have passed condition 1, even though the pings themselves time out.

2. You will need a (preferably Linux) computer on the Internet, with root access (or perhaps a willing friend with one).
3. You will also need access to an existing DNS server and/or a DynDNS account (see reference below for DynDNS).
4. The computer you are using (the client) must run Linux. A live CD will do nicely.

Download/Setup Files Required for Both Client and Server


The above download is required for BOTH the client and the server. Download either one of the above, then gunzip and tar -xvf the file.

The Perl scripts in the archive depend on some Perl packages, which need to be installed. Specifically:

apt-get install libnet-dns-perl
apt-get install libmime-base32-perl


This next setup will vary depending on what you currently use. Ideally you have 2 servers on the internet: the 1st is currently a DNS server, and the 2nd is a normal server which does not run a DNS server.

My Situation: I have 2 physical computers on the internet: 1st = www.server.com (does DNS and mail and web) 2nd = test.server.com (test server).

Config for Existing DNS Server

Basically, you just want to add a DNS rule to point at your second server.

vi /etc/bind/zones/server.com.zone
dnstun     IN      NS      dnstun.server.com.
dnstun     IN      A

/etc/init.d/bind9 reload

Config for Existing Test Server

This is where the special DNS server runs. Root access is required. The ozymandns_src_0.1.tgz and the 2 apt-get packages are also required.

./nomde.pl -i dnstun.server.com
# Open the firewall to allow inbound UDP port 53.

Config for Client Server

ssh -o ProxyCommand="./droute.pl sshdns.dnstun.server.com" user@localhost
# Note: with the line above you are ssh'ing into your dnstun.server.com host.

If there is a proxy on your dnstun.burkesys.com, you can also forward a local port to it:

ssh -o ProxyCommand="./droute.pl sshdns.dnstun.server.com" user@localhost -L 3128:proxy.server.com:3128
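
How this setup looks from the resolver side, as an added example that is not part of the original page or of OzymanDNS: a small Python check that scans DNS query names and flags a delegated zone receiving many distinct names with long Base32 labels, which is what the NS delegation and the Base32 package above imply. The sample queries, the label layout (payload.counter.sshdns.<zone>), the thresholds and the fixed three-label zone depth are assumptions made for the illustration.

```python
import base64
import re
from collections import defaultdict

# A long label drawn only from the lowercase Base32 alphabet (a-z, 2-7).
BASE32_LABEL = re.compile(r"^[a-z2-7]{16,63}$")

def split_zone(qname, depth=3):
    """Return (parent zone, labels below it). depth=3 is an assumption that
    matches dnstun.server.com; real deployments should use a public suffix list."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-depth:]), tuple(labels[:-depth])

def suspicious_zones(qnames, min_unique=4, min_b32_ratio=0.7):
    """Flag zones that receive many distinct names whose labels look like Base32."""
    seen = defaultdict(set)
    for qname in qnames:
        zone, sub = split_zone(qname)
        if sub:  # ignore queries for the zone name itself
            seen[zone].add(sub)
    flagged = {}
    for zone, subs in seen.items():
        encoded = sum(1 for s in subs if any(BASE32_LABEL.match(l) for l in s))
        ratio = encoded / len(subs)
        if len(subs) >= min_unique and ratio >= min_b32_ratio:
            flagged[zone] = (len(subs), round(ratio, 2))
    return flagged

def constructed_queries():
    """Constructed sample log, not captured traffic. The label layout
    (payload.counter.sshdns.<zone>) is an assumption for illustration."""
    benign = ["www.server.com", "mail.server.com", "img1.cdn.example.net",
              "img2.cdn.example.net", "api.v2.example.org"]
    tunnel = []
    for i in range(6):
        payload = base64.b32encode(bytes([i] * 20)).decode().lower()
        tunnel.append(f"{payload}.{i}.sshdns.dnstun.server.com")
    return benign + tunnel

if __name__ == "__main__":
    for zone, (count, ratio) in suspicious_zones(constructed_queries()).items():
        print(f"{zone}: {count} distinct names, {ratio:.0%} Base32-like")
```

Feed it the query-name column of a resolver log; sustained query volume to a single rarely seen zone is a useful second signal alongside the label shape.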

Original Reference

