Creating a Proxy server


Earlier I blogged about studying SSH theoretically. Since then I have wanted to try my hand at a real server: SSH into it and see how it all works out. Recently I used the AWS Free Tier to set up an EC2 instance and used tinyproxy to tunnel my traffic through AWS servers. Though it was for a music project and was only a side aim, I found out that AWS is really deep. I find it interesting and am now also watching AWS Training videos alongside. 😛

First you need an EC2 instance set up. Getting the Free Tier and then setting it up for basic usage is done by merely following the defaults.

When you are setting up the instance, prefer the Ubuntu one. It has the package manager needed to get packages that are not installed on it by default. Make sure you go with the options that are Free Tier Eligible, else you might be billed for the usage. After following the default settings, you should be able to launch the instance; the Review and Launch button can be used for it. Then click Launch and select the "create a new key pair" option. It'll give you a private key. It is required for all your SSH sessions, so keep it safe. If you are testing and you lose the key, you can terminate the instance and set up a new one. The key file mostly has a .pem extension. That is short for Privacy Enhanced Mail, a method for secure email that has since failed, but its name is still used. A .key file, which you might also see, is just the private key. A .pem file, though, can contain just the certificate, or entire certificate chains including the public key, private key, and certificates.

Then find the IPv4 Public IP in the EC2 Management Console that opened. If you used Ubuntu, your username is ubuntu by default. Now fire up your terminal and write the following command:

ssh -i path/to/priv/key.pem ubuntu@192.132.1.3

Replace 192.132.1.3 with the IPv4 Public IP that you noted from the EC2 Management Console. Because you are connecting to this IP for the first time, your SSH client asks for a confirmation. After typing "yes" you'll be in the server and able to execute commands.

The first thing you should do now is update the package list. Use:

sudo apt-get update

Without it, apt-get might not be able to find the tinyproxy package.

Install tinyproxy now using the command:

sudo apt-get install tinyproxy

Now we can set up tinyproxy. Open the file at /etc/tinyproxy/tinyproxy.conf and tell it which port to listen on and which IP address to allow.

These two are the important parts in the file, edit them or create them if they are not present.

Port 8888
Allow your_own_IP_Address

(If it doesn't work and says the proxy is refusing the connection, look in /var/log/tinyproxy/tinyproxy.log. It will help you debug the issue you are facing. You might also need to add "Allow localhost" to the tinyproxy.conf file for local port forwarding to work.)

If you don't specify any Allow line, tinyproxy by default allows all clients, so anyone who can reach the port can use your proxy. Port specifies the port on which tinyproxy listens for requests. It can be another port number too. Try to keep it above 1024, else root might be required at some places.

Configuration is done; now let's start the tinyproxy daemon. Type:
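To check the points above before starting the daemon, here is a small audit function, added as an example and not part of the original post. It reports the Port, Allow and ConnectPort lines of a config file and also looks at Listen, tinyproxy's bind-address directive, which the post does not use; the sample config is constructed.

```shell
#!/bin/sh
# Added example, not from the original post: report how a tinyproxy.conf
# exposes the proxy. Prints one finding per line; returns 1 when no Allow
# line exists (every client accepted), 2 when the file cannot be read.
audit_tinyproxy_conf() {
    conf=$1
    [ -r "$conf" ] || { echo "ERROR cannot read $conf"; return 2; }
    awk '
        NF == 0 || $1 ~ /^#/ { next }            # skip blank and comment lines
        { key = tolower($1) }
        key == "port"        { port = $2 }
        key == "listen"      { listen = $2 }
        key == "allow"       { allow = allow " " $2 }
        key == "connectport" { cports = cports " " $2 }
        END {
            print "PORT " (port == "" ? "unset" : port)
            if (port != "" && port + 0 < 1024)
                print "WARN port below 1024 may need root"
            if (allow == "") {
                print "FAIL no Allow line, every client is accepted"
                rc = 1
            } else
                print "OK allow:" allow
            if (listen == "127.0.0.1" || listen == "::1")
                print "OK listens on loopback only"
            else
                print "WARN listens on " (listen == "" ? "all interfaces" : listen)
            print "CONNECTPORT" (cports == "" ? " none listed" : cports)
            exit rc + 0
        }' "$conf"
}

# Constructed sample: Port is set but the Allow line was forgotten.
sample=$(mktemp)
printf '%s\n' '# constructed sample' 'Port 8888' \
    'ConnectPort 443' 'ConnectPort 563' > "$sample"
audit_tinyproxy_conf "$sample" || echo "audit exit status: $?"
rm -f "$sample"
```

On the server, run it as audit_tinyproxy_conf /etc/tinyproxy/tinyproxy.conf. With the SSH tunnel used later in this post, requests reach tinyproxy from the server's own loopback address.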

sudo /etc/init.d/tinyproxy start

All that is left now is to send traffic to that port 8888 of the IP that AWS provided.

Now we use SSH tunneling. We are going to do local port forwarding. I've personally tried it and it worked for me. I couldn't forward directly to the AWS IP and port for some reason.

The command goes like this:

ssh -L 2222:localhost:8888 -i /path/to/priv/key.pem ubuntu@ipAddress

Replace ipAddress with the AWS-provided IP. This forwards the traffic arriving at port 2222 on our PC to localhost's port 8888 on the server, which you log in to as ubuntu@ipAddress using -i /path/to/priv/key.pem.
Or better said, accessing localhost via the server we logged in to.

All should be good now. We can forward all our traffic to that local port 2222. In Fedora it is simple. (You can do it for specific browsers too; the steps are almost the same.)
For Fedora:
Go to Settings -> Network

Here in Network Proxy, click the gear icon and set the radio button to manual. In the HTTPS Proxy fields, enter localhost for the host and 2222 for the port.

Note: If you need to access a non-conventional port via this proxy, you'll need to add it to the config. The default is this:

ConnectPort 443
ConnectPort 563

Just add the port you require beneath these in the same format and restart using: sudo /etc/init.d/tinyproxy restart

Good to go now. You jumped cities 🙂 (Or at least your IP did)

Keep in mind, if you face some error in the browser, do look up the tinyproxy logs at /var/log/tinyproxy/tinyproxy.log. The rest should be straightforward. 🙂

See you soon.
Till then, find out more about port forwarding. It's interesting!

storymode7