ssh-from
simplifies common usage of SSH tunnels.
It instructs SSH to start a SOCKS proxy, and spawns a (local) shell that uses this proxy.
$ ssh-from my-host
$ curl http://foo/bar # the request is tunnelled through my-host
Install dependencies (tsocks is optional):
sudo apt install python3 lsof tsocks
Download the script somewhere in your PATH and make it executable:
sudo curl -fL https://gist.github.com/mildsunrise/501037e2c29ace3edc406c77551b9990/raw/ssh-from.py -o /usr/local/bin/ssh-from
sudo chmod +x /usr/local/bin/ssh-from
ssh-from
works by starting ssh
in the background (instructing it to create a SOCKS proxy) and starting a shell with *_proxy
variables set to use that proxy. Commands that have proxy support (such as curl
) will pipe their connections through the specified host.
It's recommended to install this helper program as well, which adds proxy support to ssh
(and thus ssh-from
). This lets you chain hops easily:
$ ssh-from hop1
$ ssh-from hop2
$ ssh target
Even for commands that do not have proxy support, you can still run them with tsocks
to have their connections go through the proxy.
ssh-from
takes care of creating a configuration file for tsocks (and setting it on $TSOCKS_CONF_FILE
), so all you have to do is run the command prefixed with tsocks
:
$ ssh-from hop
$ tsocks <command>
Limitations: because tsocks works by patching libc functions (socket
, connect
, etc.) it doesn't play well with IPv6/dual-stack, and resolutions do not happen at the remote host.