2/24/2023 0 Comments Ssh tunnel on iphone![]() ![]() As we’re treating the tunnel as a SOCKS proxy we don’t need to have anything else setup at the other end (no other proxy server waiting to route the requests) although you could setup privoxy or any other kind of proxy if you wanted more control. It will then setup a local listener on port 8081 and dynamically route all traffic coming to this port through the SSH tunnel. The above command is a simple SSH tunnel setup to connect to port 64000 on and logon as the user username using the certificate file stored in /home/root/.ssh/id_dsa. I added the private key to ~/.ssh/id_dsa (or id_rsa, your choice) and setup a bash script to kick off the SSH tunnel (typing that command each time gets boring fast). I opted to add a certificate for quick easy access and restricted access to the certificate to the root user on the iPhone (you have changed your root password right ?). Next up is the SSH Tunnel, and doing this on an iPhone isn’t much different to a normal linux system (just harder to type for obvious reasons). Now that we’ve got the 3proxy.cfg file saved (mines stored in /usr/bin with the 3proxy executable) you’ll need to run chmod +x to make it executable. ![]() Although leaving the allow set to * (all) is a concern, remember that the proxy is only listening on the localhost address and from outside the port is blocked. You can find more configuration information on the 3proxy website. proxy – this final command tells 3proxy to start a proxy on port 8080 using anonymous proxy mode (-a) and listen only in internal loopback.parent – This is where we’re setting the next proxy in the chain (1000 is always use this parent, SOCKS5+ is the type and then the SSH tunnel listening ip and port).allow – Currently set to * for all (you can limit this by username/password or IP, however this caused issues in testing).internal – Listen in the internal interface only.fakeresolve – Tells 3proxy to route DNS lookups through the proxy.rotate 5 – Sets the number of log files to keep before rotating.log – Setup a log that rotates daily (the D option).auth iponly – sets the authorization to be ip restricted.daemon – Tells 3proxy to run as a background process.#!/usr/bin/3proxy – Tells the script what interpreter program to use.The quick rundown on the above configuration. By using the following configuration you tell 3proxy to forward all traffic to a second proxy server, this time a SOCKS proxy (in this case my SSH tunnel). Starting off we’ll take a look at the configuration of 3proxy. Backgrounder (or some other way to run commands and have them running in the background).An SSH server (setup for either password or certificate access).I searched for another solution and settled on using the 3proxy application (in cydia for those lucky enough to have a jailbroken iPhone) to setup a local HTTP proxy.Ī few requirements to get this up and running on your iPhone. I experimented with this solution and found that the HTTP proxy support was really just that, HTTP proxy support and nothing else. As with everything on the iPhone however, simple always turns into complicated very quickly. Surely I can setup an SSH Tunnel to my server and tell the iPhone to use this as a SOCKS proxy. The iPhone (at least version 2.2.1) supports the use of HTTP proxies when connecting via a wireless connection. ![]() Stemming (mostly) from my unwillingness to setup a VPN server (my home ADSL isn’t good enough quality, and doesn’t have a fixed IP) or pay a huge price for a VPN solution through my existing hosting provider (thanks for the cheap hosting Dreamhost). ![]() This is something I’ve been fighting with for a while now. The fallback is to use whatever wireless you can find, insecure or not. Still, this solution doesn’t work everywhere and isn’t for everyone. Not cheap if you’re using it long-term, but if you’re only there for a couple of days it’s a lot cheaper than paying for a hotel WLAN that’s insecure and only works inside the hotel. For example in the Netherlands it costs around €3.50 per day of data transfer. When I’m out of the country I usually try to buy a pay-as-you-go sim card and pay for the daily data transfer. That said, I rarely use the built in wireless for these purposes, and rely instead on the reasonably good 3G network in Austria. Most of the time I feel relatively secure when I’m browsing the web or checking twitter on my iPhone. Note: This post is from 2009 and should be considered depreciated… things move quickly in IT! ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |