Using SSH can be confusing enough for Linux beginners. It can be even more confusing when you want to do something completely different from a default connection. What if the server is set up on a different port? What if public authentication is being used instead of a password? That’s exactly how I have my server set up.
I have two stanzas set up, one for my username and one for my SSH tunnel:
Host username Hostname 220.127.116.11 Port 1234 ServerAliveInterval 60 User username Compression yes Host tunnel Hostname 18.104.22.168 DynamicForward 1234 Port 1234 ServerAliveInterval 60 User username Compression yes ControlMaster Auto ControlPath ~/.ssh/sockets/%r-%h-%p
I’ve obviously changed hostnames, usernames and ports so as not to expose my own credentials. The hostname is the IP address for the server you want to connect to. The username is a non-root user set up on the server. The port number is what port the SSH daemon on the server is running on. The dynamic forward is whatever port chosen to use with the localhost.
Connecting from the command line is simple, using the commands “ssh username” or “ssh tunnel”. Getting a web browser to use the tunnel connection isn’t. I’m not familiar with all the web browsers out there, but Firefox and Chromium based web browsers aren’t difficult to set up.
With Firefox, go to “Preferences” and scroll all the way down to edit the “Network Settings”. Select “Manual proxy configuration” and then enter “127.0.0.1” for “SOCKS Host” and the dynamic forward port for the “Port”. Make sure “SOCKS v5” is selected and then click the “OK” button. From then on, the tunnel must be connected or Firefox won’t connect to anything. If Firefox is your primary web browser, you should use these setting on another profile.
With Proxy SwitchyOmega, the entries for the proxy servers are: SOCKS5, 127.0.0.1 and the dynamic forward port. With FoxyProxy Standard, the entries aren’t as straightforward. You enter 127.0.0.1 and the dynamic forward port on one line and then you have to select SOCKS proxy and SOCKS v5 on the next line.
I use the SSH connection every day because I view the logs for my web server every day. When necessary, I edit certain included files and reload the server configuration. I rarely use the SSH tunnel, and it’s usually when I’m in the Philippines. Some websites block that country completely.
Using an SSH tunnel can give me one advantage over other methods of authentication. It lets me use my server’s IP address, which is static, instead of my ISP provided IP address, which isn’t. Also, if I want to browse the web while I’m traveling, I don’t want my location tracked. Using that static IP address makes trackers think I’m sitting in one place.