Rubenerd

I’d tried 0.1 back in the day, but @OliYoung reminded me this morning of sshuttle, the poor man’s VPN that’s just too much fun!

On Soviet Internets, sshuttle proxies you

For most all of my SSH connections, I use custom ports. Security through obscurity is a dangerous misnomer if only used by itself, but it helps to lower the chances of a roaming bot scanning on port 22 from finding it.

With a regular SSH connection you define a port with -p, though fancy alliteration is not necessarily required:

% ssh -p 60000 username@SuperSexySSHServer

Sshuttle doesn't have a -p option, so you merely append the port old school style:

# sshuttle -r username@SuperSexySSHServer:60000
0.0.0.0/0 -vv

This then gets converted into a -p option when sshuttle initiates the required SSH connection.

Starting sshuttle proxy.
Binding: 12300
Listening on (‘127.0.0.1′, 12300).
firewall manager ready.
c : connecting to server...
c : executing: [‘ssh’, ‘-p’, ‘60000’, ‘username@SuperSexySSHServer’, ‘–‘, ”python’ -c ‘import sys; skip_imports=1; verbosity=2; exec compile(sys.stdin.read(764), “assembler.py”, “exec”)”]

I would know, because I’m using it to write this blog post! Very cool :)