Proxy browsing through an SSH tunnel

Common scenario: Traveling somewhere with hostile wireless Internet access. Using Linux. No “official” Linux VPN support from your employer, but you have a trusted host to SSH into, and you have a proxy server inside your organization.

This is the case at many universities, and I will describe from that perspective.

This page contains instructions in two flavors: when your university runs a proxy server, and when it does not. The fallout is that tunneling DNS is easy with a proxy server. I don’t know how to do it without one.

ssh -C2qTnN -L 8080:proxy.myuniversity.com:3128 username@my.ssh.host.myuniversity.com

The arguments -C2qTnN mean: Compression, SSH2 only, Quiet, Force pseudo-tty allocation, Redirect stdin from /dev/null, and Place the ssh client into “master” mode for connection sharing.

If you want to tunnel DNS as well (e.g., to access intranet machines not directly accessible from the Internet) then I only know how to do it in Firefox. Go to about:config and toggle “network.proxy.socks_remote_dns” to true.