@PedroLeal_ @rastilin @Greylinux @jonah 
"What you in for?"
"Trying to bypass age verification on a website advertising alcohol by using socks proxies via dynamic ssh tunnels to various VPS spotted around europe and the rest of the world. I got caught because I couldn't adequately explain it isn't a VPN. You?"
P
paul@notnull.space
@paul@notnull.space
Posts
-
Next up will be a VPN ban. -
Next up will be a VPN ban.@Greylinux @jonah there's probably a nunber of guides out there, but I've just learned things over the years... It's actually how I used to test remote client's internet connections.
Anyway, what you'd do is have a basic, cheap, VPS from any provider and country you desire and set it up for SSH access, and I think it's "AllowTcpForwarding yes" that needs to be set in sshd_config.
Then you'd connect to it with your client machine with the-D $portparameter, i.e.ssh -D 3080 $server
Then in your web browser, you'd set up the proxy settings under SOCKS to your loopback address and the port specified i.e. SOCKS: 127.0.0.1 3080.
And that's it, any traffic from that browser will go through your loopback, to the SSH server, then off to the internet. I believe there's an option of sending DNS requests that way too in the web browser. You do need to leave the SSH session open, for obvious reasons.
Of course, only the traffic from the web browser will use this route, so you'd need to set it up in different applications' proxy config if you want them to use it too.Obviously, care should be taken to secure the ssh endpoint as much as possible, either through blocklistd, fail2ban, etc. or just allowing connections via a specific IP address
-
Next up will be a VPN ban.@rastilin @Greylinux @jonah ah, sarcasm, if only I thought of using that...
But yes, you're absolutely right, any government would have absolutely no idea about the difference between a VPN and routing specifix traffic via an alternative path than it would normally go.
And I'll see them in court. -
Next up will be a VPN ban.@Greylinux @jonah technically... Yes. Although it is a bit more technical to set up than a VPN server.
It should work for a Jellyfin server as is, but sometimes I find doing a more specific remote tunnel is better for this (and a lot better if the client does not have proxy settings) -
Next up will be a VPN ban.@jonah doesn't say anything about SOCKS proxying over a dynamic SSH tunnel though
-
Anyone have any go-to choice for #FreeBSD scripts to handle zfs-send of snapshots for backup purposes?@jamesoff someone has probably already said this, but @jimsalter 's Syncoid is brilliant
-
Remember "don't print this email" in signatures that was a bit cringe?@mntmn this is absolutely going into my email signature