Give server access to Internet, via client connecting by SSH
I can use my home computer A to connect by SSH to a server B where access to the external network is blocked. In other words, all requests to Internet from B throw an error: Network is unreachable. Can I redirect all these requests to pass through the computer A which has an unrestricted access to Internet?
Server B is a server which hosts one of my website. I want to download files in order to install some software. But the connection is blocked. I was able to transfer files but it was complicated because the software versions are different on A and B, so the dependencies where different and it required different files on A and B.
I searched on Internet and it seems that I need a reverse tunnel. But I only found solutions where a port is redirected. But it's not what I need since I don't want B to access to A but to Internet.
ssh ssh-tunneling
edited Dec 23 '18 at 19:03
ctrl-alt-delor
10.9k41957
asked Feb 20 '14 at 23:39
A.L
4733617
add a comment |
I can use my home computer A to connect by SSH to a server B where access to the external network is blocked. In other words, all requests to Internet from B throw an error: Network is unreachable. Can I redirect all these requests to pass through the computer A which has an unrestricted access to Internet?
Server B is a server which hosts one of my website. I want to download files in order to install some software. But the connection is blocked. I was able to transfer files but it was complicated because the software versions are different on A and B, so the dependencies where different and it required different files on A and B.
I searched on Internet and it seems that I need a reverse tunnel. But I only found solutions where a port is redirected. But it's not what I need since I don't want B to access to A but to Internet.
ssh ssh-tunneling
edited Dec 23 '18 at 19:03
ctrl-alt-delor
10.9k41957
asked Feb 20 '14 at 23:39
A.L
4733617
if the downvoter of this questions sees this comment, would you mind letting us know why? I don't see anything wrong with it, even if the answer is "not possible".
– strugee
Feb 21 '14 at 2:11
Possible duplicate of unix.stackexchange.com/questions/111972/…
– Lawrence
Feb 21 '14 at 2:24
ssh allows you to do either local or remote port forwarding -- i.e. when an application on B attempts to open a local port X, that gets forwarded to A as an attempt to open whatever port you've specified. So then A is free to forward that connection request out to the Internet. You haven't mentioned what port(s) or protocols you're trying to use, that would make construction of detailed answers easier.
– Stabledog
Feb 21 '14 at 6:29
I'm trying to use composer, so it should be HTTP and HTTPS requests to github in order to download the packages.
– A.L
Feb 22 '14 at 16:44
add a comment |
I can use my home computer A to connect by SSH to a server B where access to the external network is blocked. In other words, all requests to Internet from B throw an error: Network is unreachable. Can I redirect all these requests to pass through the computer A which has an unrestricted access to Internet?
Server B is a server which hosts one of my website. I want to download files in order to install some software. But the connection is blocked. I was able to transfer files but it was complicated because the software versions are different on A and B, so the dependencies where different and it required different files on A and B.
I searched on Internet and it seems that I need a reverse tunnel. But I only found solutions where a port is redirected. But it's not what I need since I don't want B to access to A but to Internet.
ssh ssh-tunneling
edited Dec 23 '18 at 19:03
ctrl-alt-delor
10.9k41957
asked Feb 20 '14 at 23:39
A.L
4733617
I can use my home computer A to connect by SSH to a server B where access to the external network is blocked. In other words, all requests to Internet from B throw an error: Network is unreachable. Can I redirect all these requests to pass through the computer A which has an unrestricted access to Internet?
Server B is a server which hosts one of my website. I want to download files in order to install some software. But the connection is blocked. I was able to transfer files but it was complicated because the software versions are different on A and B, so the dependencies where different and it required different files on A and B.
I searched on Internet and it seems that I need a reverse tunnel. But I only found solutions where a port is redirected. But it's not what I need since I don't want B to access to A but to Internet.
ssh ssh-tunneling
ssh ssh-tunneling
edited Dec 23 '18 at 19:03
ctrl-alt-delor
10.9k41957
asked Feb 20 '14 at 23:39
A.L
4733617
edited Dec 23 '18 at 19:03
ctrl-alt-delor
10.9k41957
asked Feb 20 '14 at 23:39
A.L
4733617
edited Dec 23 '18 at 19:03
ctrl-alt-delor
10.9k41957
edited Dec 23 '18 at 19:03
ctrl-alt-delor
10.9k41957
edited Dec 23 '18 at 19:03
ctrl-alt-delor
10.9k41957
10.9k41957
asked Feb 20 '14 at 23:39
A.L
4733617
asked Feb 20 '14 at 23:39
A.L
4733617
asked Feb 20 '14 at 23:39
A.L
4733617
4733617
if the downvoter of this questions sees this comment, would you mind letting us know why? I don't see anything wrong with it, even if the answer is "not possible".
– strugee
Feb 21 '14 at 2:11
Possible duplicate of unix.stackexchange.com/questions/111972/…
– Lawrence
Feb 21 '14 at 2:24
ssh allows you to do either local or remote port forwarding -- i.e. when an application on B attempts to open a local port X, that gets forwarded to A as an attempt to open whatever port you've specified. So then A is free to forward that connection request out to the Internet. You haven't mentioned what port(s) or protocols you're trying to use, that would make construction of detailed answers easier.
– Stabledog
Feb 21 '14 at 6:29
I'm trying to use composer, so it should be HTTP and HTTPS requests to github in order to download the packages.
– A.L
Feb 22 '14 at 16:44
add a comment |
if the downvoter of this questions sees this comment, would you mind letting us know why? I don't see anything wrong with it, even if the answer is "not possible".
– strugee
Feb 21 '14 at 2:11
Possible duplicate of unix.stackexchange.com/questions/111972/…
– Lawrence
Feb 21 '14 at 2:24
ssh allows you to do either local or remote port forwarding -- i.e. when an application on B attempts to open a local port X, that gets forwarded to A as an attempt to open whatever port you've specified. So then A is free to forward that connection request out to the Internet. You haven't mentioned what port(s) or protocols you're trying to use, that would make construction of detailed answers easier.
– Stabledog
Feb 21 '14 at 6:29
I'm trying to use composer, so it should be HTTP and HTTPS requests to github in order to download the packages.
– A.L
Feb 22 '14 at 16:44
if the downvoter of this questions sees this comment, would you mind letting us know why? I don't see anything wrong with it, even if the answer is "not possible".
– strugee
Feb 21 '14 at 2:11
if the downvoter of this questions sees this comment, would you mind letting us know why? I don't see anything wrong with it, even if the answer is "not possible".
– strugee
Feb 21 '14 at 2:11
Possible duplicate of unix.stackexchange.com/questions/111972/…
– Lawrence
Feb 21 '14 at 2:24
Possible duplicate of unix.stackexchange.com/questions/111972/…
– Lawrence
Feb 21 '14 at 2:24
ssh allows you to do either local or remote port forwarding -- i.e. when an application on B attempts to open a local port X, that gets forwarded to A as an attempt to open whatever port you've specified. So then A is free to forward that connection request out to the Internet. You haven't mentioned what port(s) or protocols you're trying to use, that would make construction of detailed answers easier.
– Stabledog
Feb 21 '14 at 6:29
ssh allows you to do either local or remote port forwarding -- i.e. when an application on B attempts to open a local port X, that gets forwarded to A as an attempt to open whatever port you've specified. So then A is free to forward that connection request out to the Internet. You haven't mentioned what port(s) or protocols you're trying to use, that would make construction of detailed answers easier.
– Stabledog
Feb 21 '14 at 6:29
I'm trying to use composer, so it should be HTTP and HTTPS requests to github in order to download the packages.
– A.L
Feb 22 '14 at 16:44
I'm trying to use composer, so it should be HTTP and HTTPS requests to github in order to download the packages.
– A.L
Feb 22 '14 at 16:44
add a comment |
3 Answers
3
active
oldest
votes
You can run a proxy on Computer A that computer B would then connect to in order to access the internet through Computer A.
Something like this
+----------+ +-----------+
| |+----SSH+-->| |
| A | | B |
|+--------+| | |
Internet <-++-+PROXY<++<SSH Tunnel--+ |
|+--------+| | |
+----------+ +-----------+
Install a proxy like squid on A which listens on port 3128, and then you can ssh to the server with this -ssh -L 3128:127.0.0.1:3128 user@B
That will allow B to access the internet through A
answered Feb 21 '14 at 2:33
Lawrence
1,889912
Once connected to B, how the requests to Internet will be redirected to A? There's no configuration to change?
– A.L
Apr 18 '14 at 21:30
You'll need to set a proxy server on B to 127.0.0.1:3128
– Lawrence
Apr 22 '14 at 3:28
add a comment |
@Lawrence 's answer was good enough for me to get it all down. But here are the more detailed steps I used.
I used this for using my laptops 4g dongle to route internet to a raspberry pi with a fixed line connection to a wifi router.
If your host is a mac:
install squidman
http://squidman.net/squidman/
(not just generic squid, I had too much trouble with building it)
The default settings seemed good enough for me.
connect to 4g
connect to wifi
- configure a static ip on your wifi and remove the gateway address (unless you are doing advanced things) else you get two default routes and its very annoying.
- make sure your wifi router is not using the same 192.168.x.y range (configure a different "x" in this case)
ssh -R 8080:localhost:8080 pi@<ip address of the pi or target machine>
On the PI
export http_proxy=http://localhost:8080
with visudo add the text:
Defaults env_keep = "http_proxy https_proxy ftp_proxy"
Now wget will work and so will sudo apt-get so you can install packages.
If you want git as well its here:
https://stackoverflow.com/questions/128035/how-do-i-pull-from-a-git-repository-through-an-http-proxy
edited May 23 '17 at 11:33
Community♦
1
answered Sep 13 '15 at 13:38
SpiRail
1493
Thanks for your answer. What is the role ofvisudohere? Where do you add the text? (I can't usesudoon my Web hosting)
– A.L
Sep 14 '15 at 16:56
I dont really understand your question, but if you just type visudo into terminal (you might need a 'sudo visudo') you can add the line of text to the bottom.
– SpiRail
Mar 18 '16 at 15:38
there's no root access on my Web hosting.
– A.L
Mar 18 '16 at 16:34
It was a long time ago now. But from memory visudo edits the sudoers file and the line being added means that those user environment variables are kept when typing sudo. If you cant do sudo, then you don't need this step anyway.
– SpiRail
Jun 13 '16 at 9:59
add a comment |
Just adding some more and clear steps to @Lawrence and @SpiRail's answers.
Do the setup as follows:
Setup on Host A:
- Install proxy server Squid on Host A . By default Squid listens on port 3128.
yum install squid
- Comment the
http_access deny allthen addhttp_access allow allin /etc/squid/squid.conf - If Host A itself uses some proxy say 10.140.78.130:8080 to connect to internet then also add that proxy to
/etc/squid/squid.confas follows:
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
cache_peer 10.140.78.130 parent 8080 0 no-query default
never_direct allow all
Setup on Host B:
- Add the following entries to /etc/environment
export http_proxy=http://127.0.0.1:3129
export https_proxy=http://127.0.0.1:3129
source /etc/environment
Now our setup is complete.
Creating SSH tunnel with Remote port forwarding
- Run the follwoing SSH command from Host A
ssh -R 3129:localhost:3128 user@HostB
- This will allow Host B to access the internet through Host A.
Checking the internet:
- Run the following command from Host B
wget https://google.com
Traffic flow diagram :
edited 58 mins ago
Rui F Ribeiro
39.1k1479130
answered Dec 23 '18 at 18:21
Dhiru
112
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f116191%2fgive-server-access-to-internet-via-client-connecting-by-ssh%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
You can run a proxy on Computer A that computer B would then connect to in order to access the internet through Computer A.
Something like this
+----------+ +-----------+
| |+----SSH+-->| |
| A | | B |
|+--------+| | |
Internet <-++-+PROXY<++<SSH Tunnel--+ |
|+--------+| | |
+----------+ +-----------+
Install a proxy like squid on A which listens on port 3128, and then you can ssh to the server with this -ssh -L 3128:127.0.0.1:3128 user@B
That will allow B to access the internet through A
answered Feb 21 '14 at 2:33
Lawrence
1,889912
Once connected to B, how the requests to Internet will be redirected to A? There's no configuration to change?
– A.L
Apr 18 '14 at 21:30
You'll need to set a proxy server on B to 127.0.0.1:3128
– Lawrence
Apr 22 '14 at 3:28
add a comment |
You can run a proxy on Computer A that computer B would then connect to in order to access the internet through Computer A.
Something like this
+----------+ +-----------+
| |+----SSH+-->| |
| A | | B |
|+--------+| | |
Internet <-++-+PROXY<++<SSH Tunnel--+ |
|+--------+| | |
+----------+ +-----------+
Install a proxy like squid on A which listens on port 3128, and then you can ssh to the server with this -ssh -L 3128:127.0.0.1:3128 user@B
That will allow B to access the internet through A
answered Feb 21 '14 at 2:33
Lawrence
1,889912
Once connected to B, how the requests to Internet will be redirected to A? There's no configuration to change?
– A.L
Apr 18 '14 at 21:30
You'll need to set a proxy server on B to 127.0.0.1:3128
– Lawrence
Apr 22 '14 at 3:28
add a comment |
You can run a proxy on Computer A that computer B would then connect to in order to access the internet through Computer A.
Something like this
+----------+ +-----------+
| |+----SSH+-->| |
| A | | B |
|+--------+| | |
Internet <-++-+PROXY<++<SSH Tunnel--+ |
|+--------+| | |
+----------+ +-----------+
Install a proxy like squid on A which listens on port 3128, and then you can ssh to the server with this -ssh -L 3128:127.0.0.1:3128 user@B
That will allow B to access the internet through A
answered Feb 21 '14 at 2:33
Lawrence
1,889912
You can run a proxy on Computer A that computer B would then connect to in order to access the internet through Computer A.
Something like this
+----------+ +-----------+
| |+----SSH+-->| |
| A | | B |
|+--------+| | |
Internet <-++-+PROXY<++<SSH Tunnel--+ |
|+--------+| | |
+----------+ +-----------+
Install a proxy like squid on A which listens on port 3128, and then you can ssh to the server with this -ssh -L 3128:127.0.0.1:3128 user@B
That will allow B to access the internet through A
answered Feb 21 '14 at 2:33
Lawrence
1,889912
answered Feb 21 '14 at 2:33
Lawrence
1,889912
answered Feb 21 '14 at 2:33
Lawrence
1,889912
answered Feb 21 '14 at 2:33
Lawrence
1,889912
1,889912
Once connected to B, how the requests to Internet will be redirected to A? There's no configuration to change?
– A.L
Apr 18 '14 at 21:30
You'll need to set a proxy server on B to 127.0.0.1:3128
– Lawrence
Apr 22 '14 at 3:28
add a comment |
Once connected to B, how the requests to Internet will be redirected to A? There's no configuration to change?
– A.L
Apr 18 '14 at 21:30
You'll need to set a proxy server on B to 127.0.0.1:3128
– Lawrence
Apr 22 '14 at 3:28
Once connected to B, how the requests to Internet will be redirected to A? There's no configuration to change?
– A.L
Apr 18 '14 at 21:30
Once connected to B, how the requests to Internet will be redirected to A? There's no configuration to change?
– A.L
Apr 18 '14 at 21:30
You'll need to set a proxy server on B to 127.0.0.1:3128
– Lawrence
Apr 22 '14 at 3:28
You'll need to set a proxy server on B to 127.0.0.1:3128
– Lawrence
Apr 22 '14 at 3:28
add a comment |
@Lawrence 's answer was good enough for me to get it all down. But here are the more detailed steps I used.
I used this for using my laptops 4g dongle to route internet to a raspberry pi with a fixed line connection to a wifi router.
If your host is a mac:
install squidman
http://squidman.net/squidman/
(not just generic squid, I had too much trouble with building it)
The default settings seemed good enough for me.
connect to 4g
connect to wifi
- configure a static ip on your wifi and remove the gateway address (unless you are doing advanced things) else you get two default routes and its very annoying.
- make sure your wifi router is not using the same 192.168.x.y range (configure a different "x" in this case)
ssh -R 8080:localhost:8080 pi@<ip address of the pi or target machine>
On the PI
export http_proxy=http://localhost:8080
with visudo add the text:
Defaults env_keep = "http_proxy https_proxy ftp_proxy"
Now wget will work and so will sudo apt-get so you can install packages.
If you want git as well its here:
https://stackoverflow.com/questions/128035/how-do-i-pull-from-a-git-repository-through-an-http-proxy
edited May 23 '17 at 11:33
Community♦
1
answered Sep 13 '15 at 13:38
SpiRail
1493
Thanks for your answer. What is the role ofvisudohere? Where do you add the text? (I can't usesudoon my Web hosting)
– A.L
Sep 14 '15 at 16:56
I dont really understand your question, but if you just type visudo into terminal (you might need a 'sudo visudo') you can add the line of text to the bottom.
– SpiRail
Mar 18 '16 at 15:38
there's no root access on my Web hosting.
– A.L
Mar 18 '16 at 16:34
It was a long time ago now. But from memory visudo edits the sudoers file and the line being added means that those user environment variables are kept when typing sudo. If you cant do sudo, then you don't need this step anyway.
– SpiRail
Jun 13 '16 at 9:59
add a comment |
@Lawrence 's answer was good enough for me to get it all down. But here are the more detailed steps I used.
I used this for using my laptops 4g dongle to route internet to a raspberry pi with a fixed line connection to a wifi router.
If your host is a mac:
install squidman
http://squidman.net/squidman/
(not just generic squid, I had too much trouble with building it)
The default settings seemed good enough for me.
connect to 4g
connect to wifi
- configure a static ip on your wifi and remove the gateway address (unless you are doing advanced things) else you get two default routes and its very annoying.
- make sure your wifi router is not using the same 192.168.x.y range (configure a different "x" in this case)
ssh -R 8080:localhost:8080 pi@<ip address of the pi or target machine>
On the PI
export http_proxy=http://localhost:8080
with visudo add the text:
Defaults env_keep = "http_proxy https_proxy ftp_proxy"
Now wget will work and so will sudo apt-get so you can install packages.
If you want git as well its here:
https://stackoverflow.com/questions/128035/how-do-i-pull-from-a-git-repository-through-an-http-proxy
edited May 23 '17 at 11:33
Community♦
1
answered Sep 13 '15 at 13:38
SpiRail
1493
Thanks for your answer. What is the role ofvisudohere? Where do you add the text? (I can't usesudoon my Web hosting)
– A.L
Sep 14 '15 at 16:56
I dont really understand your question, but if you just type visudo into terminal (you might need a 'sudo visudo') you can add the line of text to the bottom.
– SpiRail
Mar 18 '16 at 15:38
there's no root access on my Web hosting.
– A.L
Mar 18 '16 at 16:34
It was a long time ago now. But from memory visudo edits the sudoers file and the line being added means that those user environment variables are kept when typing sudo. If you cant do sudo, then you don't need this step anyway.
– SpiRail
Jun 13 '16 at 9:59
add a comment |
@Lawrence 's answer was good enough for me to get it all down. But here are the more detailed steps I used.
I used this for using my laptops 4g dongle to route internet to a raspberry pi with a fixed line connection to a wifi router.
If your host is a mac:
install squidman
http://squidman.net/squidman/
(not just generic squid, I had too much trouble with building it)
The default settings seemed good enough for me.
connect to 4g
connect to wifi
- configure a static ip on your wifi and remove the gateway address (unless you are doing advanced things) else you get two default routes and its very annoying.
- make sure your wifi router is not using the same 192.168.x.y range (configure a different "x" in this case)
ssh -R 8080:localhost:8080 pi@<ip address of the pi or target machine>
On the PI
export http_proxy=http://localhost:8080
with visudo add the text:
Defaults env_keep = "http_proxy https_proxy ftp_proxy"
Now wget will work and so will sudo apt-get so you can install packages.
If you want git as well its here:
https://stackoverflow.com/questions/128035/how-do-i-pull-from-a-git-repository-through-an-http-proxy
edited May 23 '17 at 11:33
Community♦
1
answered Sep 13 '15 at 13:38
SpiRail
1493
@Lawrence 's answer was good enough for me to get it all down. But here are the more detailed steps I used.
I used this for using my laptops 4g dongle to route internet to a raspberry pi with a fixed line connection to a wifi router.
If your host is a mac:
install squidman
http://squidman.net/squidman/
(not just generic squid, I had too much trouble with building it)
The default settings seemed good enough for me.
connect to 4g
connect to wifi
- configure a static ip on your wifi and remove the gateway address (unless you are doing advanced things) else you get two default routes and its very annoying.
- make sure your wifi router is not using the same 192.168.x.y range (configure a different "x" in this case)
ssh -R 8080:localhost:8080 pi@<ip address of the pi or target machine>
On the PI
export http_proxy=http://localhost:8080
with visudo add the text:
Defaults env_keep = "http_proxy https_proxy ftp_proxy"
Now wget will work and so will sudo apt-get so you can install packages.
If you want git as well its here:
https://stackoverflow.com/questions/128035/how-do-i-pull-from-a-git-repository-through-an-http-proxy
edited May 23 '17 at 11:33
Community♦
1
answered Sep 13 '15 at 13:38
SpiRail
1493
edited May 23 '17 at 11:33
Community♦
1
edited May 23 '17 at 11:33
Community♦
1
edited May 23 '17 at 11:33
Community♦
1
1
answered Sep 13 '15 at 13:38
SpiRail
1493
answered Sep 13 '15 at 13:38
SpiRail
1493
answered Sep 13 '15 at 13:38
SpiRail
1493
1493
Thanks for your answer. What is the role ofvisudohere? Where do you add the text? (I can't usesudoon my Web hosting)
– A.L
Sep 14 '15 at 16:56
I dont really understand your question, but if you just type visudo into terminal (you might need a 'sudo visudo') you can add the line of text to the bottom.
– SpiRail
Mar 18 '16 at 15:38
there's no root access on my Web hosting.
– A.L
Mar 18 '16 at 16:34
It was a long time ago now. But from memory visudo edits the sudoers file and the line being added means that those user environment variables are kept when typing sudo. If you cant do sudo, then you don't need this step anyway.
– SpiRail
Jun 13 '16 at 9:59
add a comment |
Thanks for your answer. What is the role ofvisudohere? Where do you add the text? (I can't usesudoon my Web hosting)
– A.L
Sep 14 '15 at 16:56
I dont really understand your question, but if you just type visudo into terminal (you might need a 'sudo visudo') you can add the line of text to the bottom.
– SpiRail
Mar 18 '16 at 15:38
there's no root access on my Web hosting.
– A.L
Mar 18 '16 at 16:34
It was a long time ago now. But from memory visudo edits the sudoers file and the line being added means that those user environment variables are kept when typing sudo. If you cant do sudo, then you don't need this step anyway.
– SpiRail
Jun 13 '16 at 9:59
Thanks for your answer. What is the role of
visudo here? Where do you add the text? (I can't use sudo on my Web hosting)– A.L
Sep 14 '15 at 16:56
Thanks for your answer. What is the role of
visudo here? Where do you add the text? (I can't use sudo on my Web hosting)– A.L
Sep 14 '15 at 16:56
I dont really understand your question, but if you just type visudo into terminal (you might need a 'sudo visudo') you can add the line of text to the bottom.
– SpiRail
Mar 18 '16 at 15:38
I dont really understand your question, but if you just type visudo into terminal (you might need a 'sudo visudo') you can add the line of text to the bottom.
– SpiRail
Mar 18 '16 at 15:38
there's no root access on my Web hosting.
– A.L
Mar 18 '16 at 16:34
there's no root access on my Web hosting.
– A.L
Mar 18 '16 at 16:34
It was a long time ago now. But from memory visudo edits the sudoers file and the line being added means that those user environment variables are kept when typing sudo. If you cant do sudo, then you don't need this step anyway.
– SpiRail
Jun 13 '16 at 9:59
It was a long time ago now. But from memory visudo edits the sudoers file and the line being added means that those user environment variables are kept when typing sudo. If you cant do sudo, then you don't need this step anyway.
– SpiRail
Jun 13 '16 at 9:59
add a comment |
Just adding some more and clear steps to @Lawrence and @SpiRail's answers.
Do the setup as follows:
Setup on Host A:
- Install proxy server Squid on Host A . By default Squid listens on port 3128.
yum install squid
- Comment the
http_access deny allthen addhttp_access allow allin /etc/squid/squid.conf - If Host A itself uses some proxy say 10.140.78.130:8080 to connect to internet then also add that proxy to
/etc/squid/squid.confas follows:
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
cache_peer 10.140.78.130 parent 8080 0 no-query default
never_direct allow all
Setup on Host B:
- Add the following entries to /etc/environment
export http_proxy=http://127.0.0.1:3129
export https_proxy=http://127.0.0.1:3129
source /etc/environment
Now our setup is complete.
Creating SSH tunnel with Remote port forwarding
- Run the follwoing SSH command from Host A
ssh -R 3129:localhost:3128 user@HostB
- This will allow Host B to access the internet through Host A.
Checking the internet:
- Run the following command from Host B
wget https://google.com
Traffic flow diagram :
edited 58 mins ago
Rui F Ribeiro
39.1k1479130
answered Dec 23 '18 at 18:21
Dhiru
112
add a comment |
Just adding some more and clear steps to @Lawrence and @SpiRail's answers.
Do the setup as follows:
Setup on Host A:
- Install proxy server Squid on Host A . By default Squid listens on port 3128.
yum install squid
- Comment the
http_access deny allthen addhttp_access allow allin /etc/squid/squid.conf - If Host A itself uses some proxy say 10.140.78.130:8080 to connect to internet then also add that proxy to
/etc/squid/squid.confas follows:
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
cache_peer 10.140.78.130 parent 8080 0 no-query default
never_direct allow all
Setup on Host B:
- Add the following entries to /etc/environment
export http_proxy=http://127.0.0.1:3129
export https_proxy=http://127.0.0.1:3129
source /etc/environment
Now our setup is complete.
Creating SSH tunnel with Remote port forwarding
- Run the follwoing SSH command from Host A
ssh -R 3129:localhost:3128 user@HostB
- This will allow Host B to access the internet through Host A.
Checking the internet:
- Run the following command from Host B
wget https://google.com
Traffic flow diagram :
edited 58 mins ago
Rui F Ribeiro
39.1k1479130
answered Dec 23 '18 at 18:21
Dhiru
112
add a comment |
Just adding some more and clear steps to @Lawrence and @SpiRail's answers.
Do the setup as follows:
Setup on Host A:
- Install proxy server Squid on Host A . By default Squid listens on port 3128.
yum install squid
- Comment the
http_access deny allthen addhttp_access allow allin /etc/squid/squid.conf - If Host A itself uses some proxy say 10.140.78.130:8080 to connect to internet then also add that proxy to
/etc/squid/squid.confas follows:
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
cache_peer 10.140.78.130 parent 8080 0 no-query default
never_direct allow all
Setup on Host B:
- Add the following entries to /etc/environment
export http_proxy=http://127.0.0.1:3129
export https_proxy=http://127.0.0.1:3129
source /etc/environment
Now our setup is complete.
Creating SSH tunnel with Remote port forwarding
- Run the follwoing SSH command from Host A
ssh -R 3129:localhost:3128 user@HostB
- This will allow Host B to access the internet through Host A.
Checking the internet:
- Run the following command from Host B
wget https://google.com
Traffic flow diagram :
edited 58 mins ago
Rui F Ribeiro
39.1k1479130
answered Dec 23 '18 at 18:21
Dhiru
112
Just adding some more and clear steps to @Lawrence and @SpiRail's answers.
Do the setup as follows:
Setup on Host A:
- Install proxy server Squid on Host A . By default Squid listens on port 3128.
yum install squid
- Comment the
http_access deny allthen addhttp_access allow allin /etc/squid/squid.conf - If Host A itself uses some proxy say 10.140.78.130:8080 to connect to internet then also add that proxy to
/etc/squid/squid.confas follows:
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
cache_peer 10.140.78.130 parent 8080 0 no-query default
never_direct allow all
Setup on Host B:
- Add the following entries to /etc/environment
export http_proxy=http://127.0.0.1:3129
export https_proxy=http://127.0.0.1:3129
source /etc/environment
Now our setup is complete.
Creating SSH tunnel with Remote port forwarding
- Run the follwoing SSH command from Host A
ssh -R 3129:localhost:3128 user@HostB
- This will allow Host B to access the internet through Host A.
Checking the internet:
- Run the following command from Host B
wget https://google.com
Traffic flow diagram :
edited 58 mins ago
Rui F Ribeiro
39.1k1479130
answered Dec 23 '18 at 18:21
Dhiru
112
edited 58 mins ago
Rui F Ribeiro
39.1k1479130
edited 58 mins ago
Rui F Ribeiro
39.1k1479130
edited 58 mins ago
Rui F Ribeiro
39.1k1479130
39.1k1479130
answered Dec 23 '18 at 18:21
Dhiru
112
answered Dec 23 '18 at 18:21
Dhiru
112
answered Dec 23 '18 at 18:21
Dhiru
112
112
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f116191%2fgive-server-access-to-internet-via-client-connecting-by-ssh%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
if the downvoter of this questions sees this comment, would you mind letting us know why? I don't see anything wrong with it, even if the answer is "not possible".
– strugee
Feb 21 '14 at 2:11
Possible duplicate of unix.stackexchange.com/questions/111972/…
– Lawrence
Feb 21 '14 at 2:24
ssh allows you to do either local or remote port forwarding -- i.e. when an application on B attempts to open a local port X, that gets forwarded to A as an attempt to open whatever port you've specified. So then A is free to forward that connection request out to the Internet. You haven't mentioned what port(s) or protocols you're trying to use, that would make construction of detailed answers easier.
– Stabledog
Feb 21 '14 at 6:29
I'm trying to use composer, so it should be HTTP and HTTPS requests to github in order to download the packages.
– A.L
Feb 22 '14 at 16:44