HOW TO: connect your N900 through your home internet connection from anywhere via ssh - maemo.org

overfloat | # 1 | 2010-05-22, 19:13 | Report

Ok, so you want to run your web browsing traffic through your home computer via SSH, perhaps for privacy, perhaps for getting around a firewall.... I'm not here to judge.

Here is how to do it very simply between your n900 and an ubuntu computer.

First things first - get SHH onto your ubuntu computer in a terminal type:

Code:

sudo apt-get install ssh

now try it by typing

Code:

ssh localhost

your password will be your ubuntu password

working? good, type 'exit' to close the ssh connection

I'm going to assume that you want to run your server on port 443 as a lot of work/school networks leave this port open. It will also work for things like the Troll-Mobile sidekick plan

So - in a terminal

Code:

sudo gedit /etc/ssh/sshd_config

find the line that says "Port" and change 20 to 443

save, close, and restart the ssh server

Code:

sudo /etc/init.d/ssh restart

Next you will need to setup a proxy on your computer

This can be done very simply by installing privoxy:

Code:

sudo apt-get install privoxy

done? good.

now punch a hole in your router's firewall - go to the admin page for your router - often http://192.168.0.1 and forward port 443 to your ubuntu box. Save and quit

Now on to the n900 part.....

Go to the network connection settings for the connection you want to connect to the internet through - go to settings, internet connections, click the connection, click edit, click next until an 'advanced' button appears.

Tick 'use proxy' in HTTP proxy put in 'localhost' port number 8118

save and close.

Open up a terminal on your n900

type in

Code:

sudo ssh -NL 8118:localhost:8118 -f username@address -p 443

'username' is your ubuntu username, 'address' is your ubuntu computer's external IP address (go to http://www.whatsmyip.org/ if you dont know your external IP) Just enter your password

Now it should be working... open up a browser and start browsing.

*please note that this is not the MOST secure way to do things, but is simple and it works.

Last edited by overfloat; 2010-05-22 at 19:15.

The Following 2 Users Say Thank You to overfloat For This Useful Post:
Pfuh3z, somekeystrokes

somekeystrokes | # 2 | 2010-05-22, 19:16 | Report

what for a windows pc?

Hmoobwarrior | # 3 | 2010-05-22, 19:21 | Report

so we would be able to connect from anywhere? ie different city

overfloat | # 4 | 2010-05-22, 19:23 | Report

Originally Posted by Hmoobwarrior View Post

so we would be able to connect from anywhere? ie different city

Well, when you SSH it is essentially like logging into your home computer. This can be done from anywhere with an internet connection.

Last edited by overfloat; 2010-05-22 at 19:25.

overfloat | # 5 | 2010-05-22, 19:24 | Report

Originally Posted by somekeystrokes View Post

what for a windows pc?

What windows version?

les_garten | # 6 | 2010-05-22, 19:35 | Report

Originally Posted by overfloat View Post

What windows version?

Just curious, what issue are you trying to solve by going IN and OUT of your home box?

My N900 browses all on it's own!

overfloat | # 7 | 2010-05-22, 19:38 | Report

Originally Posted by les_garten View Post

Just curious, what issue are you trying to solve by going IN and OUT of your home box?

My N900 browses all on it's own!

If you are on a school/work/cell provider network that blocks certain sites - you can access them through this method... also, if you are concerned with privacy of the wifi network - maybe you are using a connection that you find around the city

Last edited by overfloat; 2010-05-22 at 19:44.

The Following User Says Thank You to overfloat For This Useful Post:
les_garten

cvi | # 8 | 2010-05-22, 21:07 | Report

I think you can do the same without installing privoxy port on your host: if you have a vanilla SSHD running somewhere, just use

$ ssh -D 8081 user@host

on your N900. This will cause ssh to start an SOCKS proxy on 8081. Configure the connections on your n900 as above, and it should work.

overfloat | # 9 | 2010-05-22, 22:51 | Report

Originally Posted by cvi View Post

I think you can do the same without installing privoxy port on your host: if you have a vanilla SSHD running somewhere, just use

$ ssh -D 8081 user@host

on your N900. This will cause ssh to start an SOCKS proxy on 8081. Configure the connections on your n900 as above, and it should work.

I'm not 100% sure if using the socks proxy will push DNS requests through the SSH connection or not. The method I mentioned above should push them through the SSH connection - so the network operator wont know what sites you are visiting. - can someone with more knowledge chime in?

Pfuh3z | # 10 | 2010-05-22, 23:08 | Report

For as far as I know the -D method also pushes DNS requests through the SSH tunnel. I'm currently living in a residence with unstable and restricted internet access. Sometimes the router here starts failing (no longer handing out IP's or processing DNS requests) and simply setting a manual ip and connecting to my server at home (using the ssh -D method) allows me to freely browse the internet (and chat, ...) again.
This must be the most real-use example/proof you can get, I guess

Edit: Thanks for the full guide btw, I'm sure it will be helpful to a lot of people!