Posts Tagged ‘forwarding’

Linux Command Line Basics Part VII: Tunnelling Using SSH

Knowing basic *nix terminal commands is an absolute must for any computer pro. Whether you use Windows, Mac OS or Linux, you’re bound to face the command prompt at some stage, so here’s my crash course in CLI. In this final part of my guide to the basics of command line Linux I’ll show you how to tunnel an internet connection using SSH.

SSH Tunnelling

Tunnelling an internet connection using SSH has many uses – if you’re on a restricted network at school or work you might not have access to certain sites. By tunnelling to a remote machine you can bypass these restrictions, allowing access to any site. The reverse is also true – by tunnelling into a machine at school or work you can gain access to resources on its local network which might not ordinarily be available to external connections.

Opening the Connection

The link established between the local and remote machines is akin to using a proxy server – we’re going to tell the browser (Firefox) to route data through a port on the local machine which is forwarded a specified port on the remote server. Requests will be made by the remote server and the results forwarded back to your local computer.

You need to choose a port which isn’t reserved for a common service – usually a high number in the port range (in the screenshot below I’m using port 9999).

Opening the tunnel to the remote machine

The command line SSH options are:

$ ssh -C username@remotemachine -D [port number]

Using this method will open a remote Terminal session also – there are options to simply open the connection and return the command line immediately, but this way you won’t forget about your connection, and it’s easier to close it when you’re done (just exit the SSH session).

Now that the port is open for business we need to instruct the browser to use it. Launch Firefox and open the preferences window. Click the ‘Advanced’ tab & select ‘Network’.

Click ‘Settings…’ to open the connection options dialog box. Select ‘Manual proxy configuration’ in this dialog box.

Now set the ‘SOCKS Host’ to ‘localhost’ and the port to 9999, or whatever port you selected when you opened the SSH session. Your config page should look something like the screenshot below:

We’re done, so save the changes you’ve made and exit the Preferences window. One way you can test whether your connection is working is to visit an IP/location site such as and see where it places you on a map.

To end the connection, simply exit the SSH session as you would normally. Remember to change back the settings you altered in Firefox, or it won’t be able to access the internet.

And that concludes my crash course in *nix command line – we started learning about the file system and are very quickly forwarding connections, using remote GUI applications using X and more. Hopefully this has demonstrated just how powerful the command line interface can be, and by taking just a little time to become better acquainted you can start accomplishing some really cool stuff. Thanks for reading!

For a full list of topics covered in this tutorial series, head over to the index page.