Bypass corporate proxies and firewalls with an SSH Tunnel

DATE

“Seriously, I can’t get anything done in this office thanks to their draconian proxy configuration, everything is blocked!”

Sound familiar? If you are a web developer, you need unrestricted access, right? So let’s sort that out. I’m assuming you have a linux web server that isn’t locked down outwith the network that you can putty into.

Open Putty! Choose SSH > Tunnels. Add a dynamic port 7777 (or whatever) (ignore the 10139, that’s my debugger port) and save the settings.

putty

Now go into Chrome settings, click advanced, Change Proxy Settings, LAN Settings, Advanced.
Then in Socks, enter localhost and your port (7777).

chrome

You can now browse every web site again! 😀

Need IRC too? same deal. I use Pidgin. Open Pidgin, then click the Accounts menu, Manage Accounts, click on your account, click modify, click Proxy, choose SOCKS5 as the proxy type, then enter localhost and 7777, as below:

pidgin

You are now on IRC again!

Now, Git. All that is required to get git working is to add the socks5 proxy:

git config --global http.proxy 'socks5://127.0.0.1:7777'

And now you can clone repositories with no problem!

UPDATE:
Okay, I finally got everything unrestricted in the CLI too, by using a piece of software called ProxyCap. Check it out:

proxy

proxy2

 connection works

Advertisements

XDebug your Remote Server

I love IRC. My friend just doesn’t get it however. But he isn’t looking in the right places.

For instance, we are having a hellish time with our server migration in work today. Our site was transferred to a bigger better CentOS cPanel server, only to act very strangely and mess up. Checking logs only tells us so much, so I tried to get XDebug installed on the server. I was having issues, and so went into freenode and joined the ##php channel, where I was redirected to #xdebug, where I received direct help from XDebugs main contributor, Derick Rethans! You couldn’t ask for better assistance!

Anyway, lets get it installed. Log in to your server as root, and download the xdebug source code. Then run the following from within the source folder:

phpize
./configure
make
make install

Then edit your php.ini, with the following:

zend_extension=xdebug.so
xdebug.remote_enable=On
xdebug.remote_port=9000
xdebug.remote_handler="dbgp"
xdebug.remote_autostart=0
xdebug.remote_connect_back=0
xdebug.idekey = PHPSTORM
xdebug.max_nesting_level = 250
xdebug.remote_log = "/home/allagent/xdebuglog"
xdebug.remote_host = 127.0.0.1

Now there are a couple of settings to be aware of. As I am in work and behind a router, connect_back = 1 wouldn’t work. If you can set up port forwarding on your router, then do so! And remove the remote host 127.0.0.1 line. If not, we set it as 0, and set up an SSH tunnel. Derick sent me his blog link explaining how this is done so check it out here:

http://derickrethans.nl/debugging-with-xdebug-and-firewalls.html

In PHPStorm (you are using storm, right?), goto your run/debug configurations and add a PHP Web Application. I called mine LiveDebug, but you can call it whatever you like. In the server drop down, add your server, tick use path mappings,  find your index.php, and stick in the absolute path for the same file on the remote server (something like /home/username/public_html/index.php). You should do the same with the document root, which means it shopuld find all the rest without having to manually set each page/file.

Now for the good bit! Set a breakpoint in your code by clicking to the left of the code but to the right of the line numbers. A red spot should appear to signify you wish to pause the code at that point for inspection. Click the Run menu, and click debug. Then select LiveDebug, or whatever you called it. a browser window should open, and in Storm the debug frame will pop out. Click the variables tab. You can see every variable as it is set at that line of code. To the right of the tabs you have buttons for skipping over code, and stepping into functions etc! Have fun!

Now hopefully I can figure out why this new server is acting up!

Setup SSH keys for login without password

Sick of being asked for your password? Set up SSH authorised keys and forget about it!

you@localmachine:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa): 
Created directory '/home/you/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/you/.ssh/id_rsa.
Your public key has been saved in /home/you/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4
you@localmachine

you@localmachine:~> chmod -R go-rwx ~/.ssh

Now copy the contents of /home/you/.ssh/id_rsa.pub, and SSH in for the last time with your password to your remote machine:

you@localmachine:~> ssh user@remote.com
Password:
Last login: Tue Jan 28 14:14:51 2014 from 83.86.250.39
CentOS release 6.3 (Final)

user@remote.com:~> cd .ssh
user@remote.com:.ssh> nano authorized_keys

Paste in the contents you copied from your public key file. Make sure it is all on ONE LINE. Save and exit.

user@remote.com:.ssh> cd ..
user@remote.com:~> chmod -R go-rwx ~/.ssh
user@remote.com:.ssh> exit
you@localmachine:.ssh> ssh user@remote.com
Last login: Tue Jan 28 15:28:51 2014 from 83.86.250.39
CentOS release 6.3 (Final)

Awesome!