Use a website host as an encrypted proxy server in Linux

Article Title: Use a website host as an encrypted proxy server in Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

I have introduced how to use Amazon EC2 to create a proxy server to "flip the wall". Although the network speed is very fast, this method still has some disadvantages. Amazon EC2 is billed on an hourly basis, so I cannot open my proxy server at any time. In addition, each time you want to use a proxy, you have to wait for a minute or two to start the server.

However, I saw this post today and found that I can use a general website host as my proxy server. Unlike Amazon EC2, a common website host runs 24/7, and you would have to use it as your website without extra money. The above post is specially written to Windows users who use Dreamhost. However, any Linux user who supports the SSH service website host can also enjoy the freedom of the wall. I have compiled a small BASH script for Linux users. Its main functions are as follows:

Create an SSH tunnel connection with the website host

Close the SSH tunnel connection safely after the SSH tunnel is used up.

> With this script, I tried youtube.com, which was blocked by GFW at ordinary times... As a result, Firefox almost fainted me! With this proxy, the network speed is very fast... It seems that I am still surfing the internet in the UK (more than 8 M bandwidth is generally used over there )? You can watch the video:

Introduce the script content

Export SSH_HOST = admin@yoursite.com # username @ host

You need to change this... Is the SSH user name and host address that your webhost gives you. The format is username @ address (anyone who has used SSH should know what to write)

If [! -F/tmp/. tunnel]

Check whether there is an SSH tunnel on. If yes, disable it. Create a new SSH tunnel.

Ssh-f-D 9999 $ SSH_HOST "if [-f ~ /. Tunnel]; then rm ~ /. Tunnel; fi; while [! -F ~ /. Tunnel]; do echo>/dev/null; done "&

Create a new SSH tunnel and set the local SOCKS port to 9999. The tunnel will be open until the remote directory "~ /"Until someone has created the. tunnel file.

Touch/tmp/. tunnel

Create the. tunnel file on your computer. In this way, the script will know that there is an SSH tunnel.

Ssh $ SSH_HOST "touch ~ /. Tunnel"

In the remote directory "~ /"To create the. tunnel file, which will disconnect your computer from the Proxy Server

Rm/tmp/. tunnel

Delete the. tunnel file. Then the script will know that the SSH tunnel is closed.

Download and execute the script

You can download the script here

Put the downloaded file in your first directory, for example, in ~ /Bin /. Use a text editor to modify the ssh variables in the script and use chmod to change the file permissions.

Chmod u + x tunnel. sh

Create a connection

Execute the script on the terminal, and then close the terminal.

Close connection

Execute the script again on the terminal and disable Firefox (if Firefox is still using a tunnel, the connection cannot be closed temporarily)

Use an SSH key for authorization

You may have noticed that... There is no place in the above script to write your SSH password. This is because I am using an SSH key to authorize computers and servers. This is more automated and safer than writing passwords directly into text files. Open a terminal and configure the key according to the following steps:

[Jonolumb @ jonoxps. ssh] # ssh-keygen-t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/home/jonolumb/. ssh/id_rsa ):

Enter passphrase (empty for no passphrase ):

Enter same passphrase again:

Your identification has been saved in/home/jonolumb/. ssh/id_rsa

Your public key has been saved in/home/jonolumb/. ssh/id_rsa.pub

The key fingerprint is:

H7: 10: 49: 46: AB: 2 t: 3b: a3: 36: 2z: 15: 56: d4: f2: b7: 3d

Note that the password should be left blank during configuration.

Copy the generated/home/jonolumb/. ssh/id_rsa.pub content to the remote server directory. The specific location is:

~ /. Ssh/authorized_keys

Make sure that the permissions of the remote authorized_keys and local id_rsa files are 700.

In this way, you can automatically log on to the remote server.

Configure Firefox to use proxy

After creating an SSH tunnel, go to Firefox and open:

Preferences --> advanced --> connection settings

Select "manually configure proxy" and set it:

> HTTP Proxy: localhost port: 9999

Note: This is a teaching article written in Chinese by Jonathan, a British student.

Jonathan is British and has been in Beijing for two years, but he has been so skillful in using Chinese. In addition, he is a hardcore Linux fan and hopes to meet more Chinese Linux fans. Learn from each other and communicate with each other.