Today I found a solution for a problem I had: connecting via the fixed IP address of my virtual private server to a server running subversion thanks to an article written by Oliver Gorwits: Teleworking - A simple solution for secure remote access to IP-restricted services for teleworkers.
The solution he describes uses
While it's possible to configure a proxy in a configuration
file that's read by the subversion client, I prefer
the solution Oliver describes, also because it can work
with any network application.
I used the following command to forward port 1080, which is the port the Internet Assigned Numbers Authority (IANA) has reserved for SOCKS proxy, to start a SOCKS 5 proxy:
ssh -fND 1080 firstname.lastname@example.org -p port
Note: since I don't run
ssh on the default port (22), I use
-p switch to specify the port
ssh should use to connect to
A short explanation of the
ssh switches I used:
Note: the above command must be running in order to use proxychains. So if you get disconnected, or restart the computer you have to execute the command again.
sudo apt-cache search
proxychains told me that
proxychains was available via the
Ubuntu 8.10 repositories. So the only thing I had
to do to install
proxychains on my
development machine was:
sudo apt-get install proxychains
After I had installed proxychains I created a proxychains
configuration file per Oliver's description. First I
had to create the
which I did as follows:
Then I copied the following into a file which
I saved as
proxychains.conf into the
directory I just had created:
random_chain chain_len = 1 tcp_read_time_out 15000 tcp_connect_time_out 10000 [ProxyList] socks5 127.0.0.1 1080
If you run the proxy on the same port as I do, there is no need to change this file.
Using proxychains is as simple as putting
proxychains in front of the command. So,
for example to check out using
proxychains svn co https://example.com/project/trunk
The server at example.com will see the IP address of my VPS instead of the cable modem I use to connect to the Internet. Since the IP address of the VPS is static for practical purposes; it might change in the future but this will be rare, the IP address can be added to the firewall of the subversion server.
As I wrote at the beginning, you can use
proxychains with any other program
that connects to the Internet. For example, I
closed Firefox and then reopened Firefox using:
proxychains firefox http://hostip.info/
Which resulted in hostip.info reporting the IP address of the proxy I used:
Note that I didn't change any settings in Mozilla
Firefox itself, which is the big advantage of
proxychains in my opinion.