How to do ‘SSH tunneling’ using with SSHuttle?
Hi people,
In this blog, we are going to do ssh tunneling using with SShuttle. First of all, we should talk about what is tunneling and why we use SSH.
What is tunneling?
With tunneling, we can transport our different protocol packets on any other protocols. For example, maybe we can not easily access the internet or our access is blocked or filtered by our company or your country. But you want to access the internet or your private communication channels. In this case, we can access it using the ssh tunneling method and we can transport all our network packets in ssh tunneling. (even DNS requests)
To do this, we should have a server that can be accessible on the Internet.
Why do we use SSH?
As you know, SSH means Secure Shell and all the SSH packets are being transferred as encrypted. Herewith, an attacker or other security devices can not read your packet’s detail and they can not block those packets. We will access blocked services on the internet using SSHuttle and we will transport our packets in ssh tunneling. You can get Sshuttle script from github repository below.
GitHub repo: https://github.com/apenwarr/sshuttle/
There are three types of SSH tunneling. First is Local port forwarding, Second is Remote port forwarding and last is Dynamic port forwarding.
Let’s start to install Shhuttle. I have mac os and I installed it using ‘brew install sshuttle’ command. If you are on a Linux system, you can use apt packet manager for installing sshuttle and you can use this command ‘apt install sshuttle’
After installing, we will write this command on terminal. ‘sshuttle –dns –r user@remoteserver:port 0/0’
There are three parameters that we used. One of them is ‘ — dns’. Using this parameter, (as I said on top) we can send DNS packets and requests. The second is ‘-r’ parameter and using this parameter, we are writing our credentials (username, server IP address and port number). The last parameter gives the opportunity for sending all subnet’s packets over tunneling.
If our credential was correct, we will see ‘Connected’ message as screenshot. When we check our new IP address with curl command, we will see our new IP address. That mean, connecting is successful.
See you other blogs. Take care.
