[SSH Tunnel - WEB Proxy ...] Behind The managed Network

참고> How To Route Web Traffic Securely Without a VPN Using a SOCKS Tunnel

How To Route Web Traffic Securely Without a VPN Using a SOCKS Tunnel | DigitalOcean

Step 1 — Setting Up the Tunnel

• ssh -i ~/.ssh/id_rsa -D 1337 -f -C -q -N user@your_server_domain

Explanation of arguments

• -i: The path to the SSH key to be used to connect to the host
• -D: Tells SSH that we want a SOCKS tunnel on the specified port number (you can choose a number between 1025 and 65536)
• -f: Forks the process to the background
• -C: Compresses the data before sending it
• -q: Uses quiet mode
• -N: Tells SSH that no command will be sent once the tunnel is up
  
  [sshpass 사용시]

• sshpass -p 암호 ssh -o StrictHostKeyChecking=no \
      -D 프락시서버_IP:프락시서버_포트 -f -q -N 계정@서버 -p 서버_포트
  
  예> sshpass -p server_pass ssh -o StrictHostKeyChecking=no -D 192.168.88.222:48880 -f -q -N server_id@172.16.100.30 -p 31015
  
  Explanation of arguments
• -p : 암호 <== 맨 뒤의 "p"옵션과 별개임.
• -o : 키확인 과정 생략

• -D : 터널 설정하는 시스템의 IP:PORT 설정 
• -f : Forks the process to the background
• -q: Uses quiet mode
• -N: Tells SSH that no command will be sent once the tunnel is up
  
  -p : 서버의 포트

 

 

[전체 플로우]

@ Remote 내서버 <---> #Proxy SSH Tunnel 서버 <--->  %PC (웹브라우징)

예> sshpass -p server_pass ssh -o StrictHostKeyChecking=no -D 192.168.88.222:48880 -f -q -N server_id@172.16.100.30 -p 31015 

@ : 172.16.100.30 : 80      -  WEB 서버 동작
@ : 172.16.100.30 : 31015 -  SSH 서버 동작 ID:server_id / PW:server_pass 

# : 192.168.88.222 : 48880 -  터널용 외부(PC접속용) Proxy 포트

% : Proxy 설정 - # 정보로
% : 웹 브라우징 - @웹서버 IP/Port 로

Firefox> https://www.mozilla.org/en-US/firefox/88.0.1/releasenotes/?utm_campaign=about-dialog&utm_medium=firefox-desktop&utm_source=firefox-browser
맨 아래 다운로드 후 설치

 

거의 Firefox만 됨. 나머지는 안 되거나 부작용이 있음.

 

[Firefox Proxy 설정 -> 서버 IP/Port로 접속