https://bugzilla.mindrot.org/show_bug.cgi?id=3614
Darren Tucker <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #2 from Darren Tucker <[email protected]> --- > to do updates and other configuration. I did something like this, but at the application instead of the network layer. I had a HTTP proxy (I used Squid, but you could use anything, or in a pinch you could use another ssh -D as a SOCKS proxy), then when I logged in I had a remote port forward to that proxy ("ssh -L 3128:127.0.0.1:3128 device"), and configured the device's package manager to use 127.0.0.1:3128 as a HTTP proxy. To use ssh itself as the proxy without a separate proxy server, you could probably do something like this (admittedly it's bit Rube Goldberg): Host sandbox-device ProxyCommand ssh -D 1080 localhost netcat %h %p RemoteForward 1080 127.0.0.1:1080 The ProxyCommand would make an SSH connection to itself and establish a SOCKS server on 1080 then connect from there to your device, and the RemoteForward would forward port 1080 on that device to the SOCKS server, which would relay out to the world. Your package manager would need to be configured to use a SOCKS proxy, though. There are also tools like http://darkk.net.ru/redsocks/ which act as an adapter between iptables transparent redirects and a SOCKS server such as ssh -D. There is a bunch of related discussion on bug#1295 and bug#2526. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
