So, you're at work, and you want to surf the web on your *cough* trusty Windows box. Only problem is, you're not allowed. They even block outgoing HTTP. What's a geek to do? Why, find a way around that, of course! "But how?" you might ask. Read on and find out.
For this to work, you need to install stunnel on your home server, and forward SSH traffic to the box (if it isn't your firewall).
Stunnel can be found in /usr/ports/security/stunnel and the current version as of this writing and last night's cvsup is 4.14.
Once you have it installed, copy the sample config, located by default in /usr/local/etc/stunnel, to stunnel.conf and edit it. This is a simple version for our proxy; run $ stunnel -help to see all the options.
root@chronos [~]# cat /usr/local/etc/stunnel/stunnel.conf
cert = /usr/local/etc/stunnel/stunnel.pem
setuid = stunnel
setgid = stunnel
; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
client = no
; For my tunneling proxy:
[proxy]
accept = 443
connect = 22
;EOF
You'll have to create your own stunnel.pem file (HOWTO coming soon, or just grab one here). Aside from that, make sure to add stunnel_enable="YES" to your /etc/rc.conf.
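One way to create your own stunnel.pem so the private key never leaves your server, added here as an example (it is not the author's promised HOWTO). It assumes the openssl command-line tool is installed; the function names and the home.example.org common name are made up for illustration:

```shell
#!/bin/sh
# Added example: build a stunnel.pem (private key + self-signed certificate).
# Assumptions: openssl CLI is installed; the CN default is a placeholder.

make_stunnel_pem() {
    out="$1"                      # e.g. /usr/local/etc/stunnel/stunnel.pem
    cn="${2:-home.example.org}"   # placeholder common name
    days="${3:-365}"              # certificate lifetime in days
    tmp=$(mktemp -d) || return 1

    # Keep the key unreadable by other users from the moment it is written.
    old_umask=$(umask)
    umask 077

    # 2048-bit RSA key without a passphrase (stunnel is started unattended
    # from rc.conf) and a self-signed certificate for that key.
    openssl req -new -x509 -nodes -newkey rsa:2048 -days "$days" \
        -subj "/CN=$cn" -keyout "$tmp/key.pem" -out "$tmp/cert.pem" \
        2>/dev/null || { umask "$old_umask"; rm -rf "$tmp"; return 1; }

    # One file, key followed by certificate: with no separate "key =" line,
    # stunnel reads the key from the file named by "cert =".
    cat "$tmp/key.pem" "$tmp/cert.pem" > "$out"
    chmod 600 "$out"
    umask "$old_umask"
    rm -rf "$tmp"
}

# Returns 0 only if the PEM holds a private key and a certificate that
# carry the same public key.
check_stunnel_pem() {
    pem="$1"
    key_pub=$(openssl pkey -in "$pem" -pubout 2>/dev/null) || return 1
    crt_pub=$(openssl x509 -in "$pem" -noout -pubkey 2>/dev/null) || return 1
    [ "$key_pub" = "$crt_pub" ]
}

# Usage (as root on the home server):
#   make_stunnel_pem /usr/local/etc/stunnel/stunnel.pem your.home.name
#   check_stunnel_pem /usr/local/etc/stunnel/stunnel.pem && echo "pem ok"
```

Since stunnel.conf drops privileges with setuid = stunnel, the file only needs to be readable by the user stunnel starts as.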
On the Windows side, you'll need a few things (what else is new?):
Open Notepad and paste these 2 lines:
start "" /min stunnel.exe -c -r your.home.ip:443 -d 22
start "" /min putty.exe -D 8080 -P 22 -v -ssh -pw password user@127.0.0.1
NOTE: Be sure to replace password with your password, and user with your local *nix UID!
Place all of these files in a directory of your personal preference, and run the batch file we just created.
Then configure your browser to use a SOCKS proxy using port 8080 on localhost (127.0.0.1). Keep all the other fields blank. Restart your browser after running your batch file, and if everything goes well, you'll be surfing the Net through an SSL tunnel!