From cere@u.washington.edu Thu May 23 17:03:31 2002 Received: from mailscan6.cac.washington.edu (mailscan6.cac.washington.edu [140.142.33.14]) by lists.u.washington.edu (8.12.1+UW01.12/8.12.1+UW02.01) with SMTP id g4O03Qw3063930 for ; Thu, 23 May 2002 17:03:26 -0700 Received: FROM mxu2.u.washington.edu BY mailscan6.cac.washington.edu ; Thu May 23 17:03:25 2002 -0700 Received: from mxout3.cac.washington.edu (mxout3.cac.washington.edu [140.142.32.19]) by mxu2.u.washington.edu (8.12.1+UW01.12/8.12.1+UW02.01) with ESMTP id g4O03Ps6014829 for ; Thu, 23 May 2002 17:03:25 -0700 Received: from mailscan-out2.cac.washington.edu (mailscan-out2.cac.washington.edu [140.142.33.17]) by mxout3.cac.washington.edu (8.12.1+UW01.12/8.12.1+UW02.01) with SMTP id g4O03O9L021767 for ; Thu, 23 May 2002 17:03:24 -0700 Received: FROM mailhost1.u.washington.edu BY mailscan-out2.cac.washington.edu ; Thu May 23 17:03:23 2002 -0700 Received: from polaris.csde.washington.edu (polaris.csde.washington.edu [128.95.71.4]) by mailhost1.u.washington.edu (8.12.1+UW01.12/8.12.1+UW02.01) with ESMTP id g4O03Ns8027986 for ; Thu, 23 May 2002 17:03:23 -0700 Date: Thu, 23 May 2002 17:03:23 -0700 (PDT) From: "Cere M. Davis" X-X-Sender: cere@polaris.csde.washington.edu To: UW Linux Group Subject: Re: [SeaHack] Undocumented SSH flag (fwd) In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII There must be something I'm missing here. What's the advantage of using the socks proxy over just ssl? -Cere > > I figure some of you might find this usefull, especially when connected > via wireless or other shared medium. > > With mozilla this goes in the "socks host" field, not the http proxy > field. > > -richard > > -- > Richard Lotz > GPG Key: http://students.washington.edu/rlotz/key.txt > Fingerprint: 6BD7 C584 7DDC 43FD F0D4 87AB 5A8F 89D5 B3CC 9517 > > > ---------- Forwarded message ---------- > Date: Sat, 18 May 2002 23:54:09 -0700 (PDT) > From: Ken Caruso > Subject: [SeaHack] Undocumented SSH flag > > > Well this might be old news to some, but I was made aware of an > undocumented SSH flag that is pretty usefull. The "-D" flag. It allows you > to use ssh as a socks4 style proxy and have traffic dynamically tunneled. > > For a quick example, lets say you have a machine that you want tunnel your > http traffic to. Use "ssh -D1080 myname@tunnelmachine.com". Then set your > browsers Socks Proxy setting to use localhost:1080 w/socks4. Now you can > surf the web and the traffic is tunneled to "tunnelmachine.com". Since > alot of apps have socks support, this is real handy for using a VPN type > solution to access networks behind a SSH bastion host. > > I am just really happy that I no longer have to run an http proxy because > of the limitations of the -L flag. > > Apparently there might be some issues with MacOSX I dont have an X machine > to test. > > Thanks to Dan Kaminsky for turning me on to this cool feature. > > > Ken Caruso > kenc@seattlewireless.net > http://ken.ipl31.net > > "when in doubt tell the truth" -Mark Twain > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cere Davis Unix Systems Administrator - CSDE cere@u.washington.edu ph: 206.685.5346 https://staff.washington.edu/cere GnuPG Key http://staff.washington.edu/cere/gpgkey.txt Key fingerprint = B63C 2361 3B9B 8599 ECC9 D061 3E48 A832 F455 9E7FA .