tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: ssh SOCKS vs. IPv6 destinations




On Jul 27, 2009, at 8:55 PM, matthew sporleder wrote:

On Mon, Jul 27, 2009 at 6:55 PM, Steven M. Bellovin<smb%cs.columbia.edu@localhost > wrote:
I generally do my browsing over an ssh tunnel to somewhere not on a
wireless net, for all the obvious reasons.  In the past, I've run a
squid proxy on a well-located machine, and ssh'd to it, forwarding port
3128 (or whatever) from my laptop to that proxy.  In the interest of
reducing the number of moving parts I have to maintain, I tried using
ssh's built-in SOCKS proxy (the DynamicForward option in the config
file) instead. That works well for most web sites, but if the web site has a AAAA record -- and that includes www.netbsd.org -- the connection
returns EOF immediately.

Any fixes?  Work-arounds?


this probably isn't what you're looking for, but have you thought of
trying something like delegate?

http://www.delegate.org/delegate/HowToDG.html#alvpn
http://www.delegate.org/delegate/Manual.htm#SSLTUNNEL
http://www.delegate.org/delegate/Manual.htm#STLS

(also replaces squid)

I'll take a look at it, though it's not only another moving part, from that web page it appears to be not just a general-purpose tunnel and proxy but also a floor wax and a dessert topping....

Home | Main Index | Thread Index | Old Index