如何通过SOCKS在SSH上通过HTTP隧道传输？

这应该是一个简单的问题，但是由于某种原因，它对我不起作用。

ssh vps 正常工作（我使用身份验证密钥）

我使用以下命令设置隧道：

ssh -C2TNv -D 8080 vps

然后，我修改Firefox网络设置：

• 手动配置
  • http代理：localhost，端口：8080
  • 将此代理服务器用于所有协议
  • 袜子v5
• 关于：配置
  • network.proxy.socks_remote_dns：是

终端输出：

$ ssh -C2TNv -D 8080 vps
OpenSSH_6.0p1, OpenSSL 1.0.1a 19 Apr 2012
debug1: Reading configuration data /home/ting/.ssh/config
debug1: /home/ting/.ssh/config line 47: Applying options for vps
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to vps.server.com [1.1.1.1] port 22.
debug1: Connection established.
debug1: identity file /home/ting/.ssh/id_rsa type 1
debug1: identity file /home/ting/.ssh/id_rsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6+squeeze1
debug1: match: OpenSSH_5.5p1 Debian-6+squeeze1 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.0
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 zlib@openssh.com
debug1: kex: client->server aes128-ctr hmac-md5 zlib@openssh.com
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA <removed>
debug1: Host 'vps.server.com' is known and matches the RSA host key.
debug1: Found key in /home/ting/.ssh/known_hosts:10
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ting/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (publickey).
Authenticated to vps.server.com ([1.1.1.1]:22).
debug1: Local connections to LOCALHOST:8080 forwarded to remote address socks:0
debug1: Local forwarding listening on ::1 port 8080.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port 8080.
debug1: channel 1: new [port listener]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.

然后，我尝试使用Firefox和SSH输出访问站点：

debug1: Connection to port 8080 forwarding to socks port 0 requested.
debug1: channel 2: new [dynamic-tcpip]
debug1: channel 2: free: dynamic-tcpip, nchannels 3
debug1: Connection to port 8080 forwarding to socks port 0 requested.
debug1: channel 2: new [dynamic-tcpip]
debug1: channel 2: free: dynamic-tcpip, nchannels 3

尽管该代理似乎有效，但使用Firefox访问任何站点只会返回错误“连接已重置”。

您的带-D的SSH命令很好（因此SOCKS会将它作为隧道，这只是通过HTTP连接到SOCKS的原因，您必须进行整理）

我得到很好的输出

curl --socks5 127.0.0.1:8080 http://blah

但我得到的错误输出与我做的一样

 curl --proxy 127.0.0.1:8080 http://blah

因此，firefox就像一个HTTP代理一样进行连接

看着Firefox窗口

手动配置是

您说您已勾选“对所有协议都使用此代理服务器”，这是完全错误的举动！您想输入一个SOCKS代理，如果这样做，那么SOCKS框将变为空/灰色，并且您只能输入一个HTTP代理。

所以不要打勾。

并输入袜子代理IP。

并删除说没有代理127.0.0.1，localhost的地方。如果是这样，则为默认值。

要检查通过curl的连接，您还可以使用标志-I -v（仅获取HTTP标头并获得更多健谈的输出）。

如果选择了这些标志并卷曲连接-您将在输出字符串中看到以下内容：

* Rebuilt URL to: http://www.google.ru/
*   Trying ::1...
* 87
* 245
* 198
* 44
* Connected to localhost (::1) port 8080 (#0)

如果无法连接：

* Rebuilt URL to: http://www.google.ru/
*   Trying ::1...
* connect to ::1 port 8080 failed: Connection refused

在带有ssh连接的另一个终端的选项卡中，您将如下所示：

debug1: channel 2: new [dynamic-tcpip]
debug1: channel 2: free: direct-tcpip: listening port 9999 for 87.245.198.44 port 80, connect from ::1 port 55034 to ::1 port 8080, nchannels 3