I’ve come across a couple of corporate VPN solutions that appear to open a SSH tunnel for the VPN and push all traffic down it accordingly. Sometimes it’s very useful to be able to test routing from a remote source, or to give your users a cheap and quick VPN. (As well as in this case the VPN and Firewall provider didn’t provide a native Mac VPN client.)
There is two different ways in which I use this system and a version for Windows users with PuTTY may following soon!
Using SSH as a SOCKS Proxy
Advantages: Secure and safe, encrypted tunnel, can be used with every application installed, cane be used for services other than HTTP.Disadvantages: It doesn’t look as ‘nice’ as a proper VPN client.
Instructions
On your Mac open Terminal (Applications – Utilities – Terminal), and you’ll want to use the following syntax:ssh -D 8080 [username]@[IP address or hostname]If your SSH port is on a different port you’ll need the following:
ssh -D 8080 -p [port number] [username]@[IP address or hostname]An example could be:
ssh -D 8080 user1@vpn.companya.comNow change your SOCKS proxy, open up System Preferences (Applications – System Preferences), Network.
On the following box click Advanced.
In the next box that pops up you’ll want to tick the SOCKS Proxy option, and put the following entry in the text box 127.0.0.1 port 8080, like this:
And now all your applications that are using the setting in the control panel will be able to use the VPN session, just don’t shut down the Terminal window, that is where the magic is happening!
Using SSH as a Secure HTTP Proxy
Advantages: Sometimes you don’t want all your traffic going in through a SSH tunnel, just specific HTTP traffic will do.Disadvantages: Again firewall rules may impede your ability to do this and you can only go to one site at a time!
Instructions
On your Mac open Terminal (Applications – Utilities – Terminal), and you’ll want to use the following syntax:ssh -L 2222:[website address]:[port] [username]@[IP Address or hostname]An example could be:
ssh -L 2222:www.companya.com:80 user1@vpn.companya.comNow this method is far easier, you don’t need to make any settings in your System Settings, just open up a web browser and point it to:
http://127.0.0.1:2222
from http://www.gypthecat.com/using-ssh-as-a-socks-vpn-on-mac-os