2020-09-15

Windows SSH Forwarding Socks Proxy

 Windows is not what it used to be (completely useless). Nowadays it is possible to forward yourself your local connection via a socks proxy to some place remote. On Linux and other OS, this is nothing new, but it was news to me, that this is possible with Windows too. It's basically the same as with linux / others, just with the exception of one bug, that requires hard-coding the PATH to the SSH client exe.

What you need:

  • OpenSSH Client (optional Windows feature) - or download.
  • OpenSSH ssh-agent (optional feature / service) - only for convenience, who likes to enter all those passwords (not me!)
  • OpenSSH server. Most likely you won't have that enabled on your Non-Admin host - but what's stopping you from downloading it or building your own? - Right - nothing.

Example:

A complected setup with 2 jump hosts

  • Opsn-SSH running on localhost (A container would work too - or a some VM,WSL...)
  • First jump host "jump"
    • There is some bug in the current open-ssh client for windows that breaks "ProxyJump" and requires this ProxyComand with full path.
  • Second jump host "ap008" (only reachable from jump host)
    • Basically the same setup. Add as many jump hosts as you need on your path to success.

sshd-config:

You can go with the defaults here pretty much. Just change the paths accordingly to where you put the installation and where you create the host key etc. Two important parts:

  1. You need to set: "UsePrivilegeSeparation no" because you are not admin
  2. You need to authenticate with key

See the link to the actual sshd-config config file.

ssh-config:

Hostname localhost
    # Local IP of Container / VM running sshd
    Hostname 127.0.0.1
    Port 22222
    User bon
    DynamicForward 8888

# jump host
Host jump
    Hostname 10.XXX
    User jumphostuser


# second jump host
Host ap008
    User appuser
    HostName 10.XXX
    ProxyCommand c:/Windows/System32/OpenSSH/ssh.exe jump -W %h:%p

Host erde
    User bon
    Hostname 100.xxx
    Port 2225
    ProxyCommand c:/Windows/System32/OpenSSH/ssh.exe ap008 -W %h:%p
    RemoteForward 8888 127.0.0.1:8888

Run it:

Start your private SSH server

PS> sshd -f sshd_config_localhost
PS> ssh localhost
Background this, or open a new tab/window
 
PS> ssh erde
Now you can use localhost:8888 as a socks5 proxy to connect to whatever needs connecting.
Posted by at No comments:
Labels: , , , , ,

2020-09-13

Car Laptop

 Time to add my car / emergency laptop to the diary.

FUJITSU SIEMENS Amilo Si 1520

Specs

  • OS: Windows 10  (originally came with Vista)
  • CPU: Intel Core 2 Duo T5600 1833MHZ
  • GPU: Intel 82945GM(L/S/Z)/GT Internal Graphics [A3] 256MB
  • RAM: 3 GB DDR2 SDRAM 332MHz
  • Chipset: Intel 945GM (Calistoga-GM) + ICH7-M/U 
  • Sound: Intel 82801GB ICH7 - High Definition Audio [B0] 
  • Ethernet: Intel ICH7 Mobile LOM with 82562GT/ET/GZ/EZ PLC
  • FireWire: Ricoh RL5C832 IEEE1394 FireWire Controller
  • WiFi: Intel PRO/Wireless 3945ABG Network Connection (MOW2)
  • Bluetooth: Cambridge Silicon Windigo BTM01C2AC Bluetooth Adapter
  • Build-in Card reader: Ricoh RL5C843 SD/MMC Host Controller
  • Bios date (02/14/2007)
  • Display: Chi Mei N121I3-L01(1280 x 800)
  • HDD: Samsung SSD 850 EVO 120GB 
  • Optical Drive: HL-DT-ST DVDRAM GSA-T20N (DVD+R DL)
  • Connections
    • DVI
    • USB 4x
    • Fire-Wire
    • Ethernet
    • Modem
    • S-Video
    • 3mm audio in/out

Results

That's not great - given for a Windows 10 Laptop. But it it still quite usable. I mean, don't open 10+ tabs in Firefox and don't try any modern games. But for simple usage, it's still OK.

Why?

It's the car laptop. It basically stays in the car all the time and is intended to be used during emergencies. There may be times where we have to evacuate in a hurry and I will not waste any time in gathering computer stuff. So I have this bag in the car, with a laptop, essential adapters etc, for emergency use - or when I'm stuck in the car waiting for someone or something.

Bla 

Just my usual - about laptops being built better in the past. The fact that this thing also survived being a kids laptop, being thrown around in the car for several yeas without anything breaking proofs that. Also it's very serviceable - every component that one might want to switch is reachable through a little hatch. Also, even though it's small (30cm x 22cm), it has a optical drive - which is nice on vacations, when there is no internet and the weather is bad and you want to watch a movie or something with the kids.

Pictures


 

Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)