apt-get install via tunnel proxy but ssh only from client side

Question

So... this is my problem:

I can access to a VPN from my machine. I can access to a server in the VPN via SSH, but this machine has no access inside out because a firewall is blocking the reverse ssh connections. So I can't use Internet via tunnel to use apt-get.

How can I emulate:

sudo ssh -D 9999 root@<machineoutsidevpn>

But from outside the VPN. Or any way to use the Internet connection to install packages?

Answer 1

Setup:

Computer A

• Has access to Internet
• Has access to Computer B
• SSH is installed

Computer B

• Doesn't have access to Internet
• OpenSSH Server is installed

---

Steps:

1. ssh into Computer B from Computer A

   sudo ssh -R <selected port>:us.archive.ubuntu.com:80 [email protected]
   

2. Edit Computer B's /etc/apt/apt.conf to include the following lines:

   Acquire::http::Proxy "http://localhost:<selected port>";
   Acquire::https::Proxy "https://localhost:<selected port>";
   

3. Run your apt-get update or install or upgrade on Computer B and it should work.

---

A few notes:

• You HAVE to keep the original session of ssh from Computer A to Computer B active while using Computer B to access apt-get repositories.
• You DON'T have to use the same ssh connection to utilize the tunnel (meaning if you have multiple ssh connection into Computer B, they should all work)

---

Using Putty

This can also be achieved using Putty (assuming that Computer A is the Windows machine).

1. When starting the session, select SSH --> Tunnels
2. Source Port: <selected port>
3. Destination: us.archive.ubuntu.com:80
4. Select the "Remote" radio button
5. Select "Add" button
6. Configure your session as you normally would.
7. Follow steps 2 & 3 above