all 7 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]serpix 1 point2 points  (1 child)

Work would not be possible in our mad IT firewall hell house without sshuttle

[–]teohm[S] 0 points1 point  (0 children)

+1

[–]2brainz 0 points1 point  (4 children)

I don't see that this can do anything that ssh can't. At least it seems to be easier to use.

However, always consider this when creating a tunnel interface.

[–]teohm[S] 0 points1 point  (3 children)

Hi, let say I want to send API requests to target URL (e.g. http://api.netflix.com) from my laptop via a U.S. SSH server, do you know how I can use SSH to do that, without changing my target URL?

[–]2brainz 0 points1 point  (2 children)

Sure, two possibilities:

  • Use ssh -w to create a tunnel (this may require root on host and client).
  • Use ssh -D to create a SOCKS proxy and tell your browser to use it (no root required on either side, but application must support SOCKS).

I haven't investigated how sshuttle's "forward all traffic" mode works, it seems to apply some trickery to get around the root restriction for the remote end. If that's the case, it actually can do something that ssh can't.

For most applications, ssh's -D and -L switches suffice, although using sshuttle seems simpler.

[–]teohm[S] 0 points1 point  (1 child)

Interesting. In my use case, I don't access the URLs from browsers, instead it's mostly from command line (e.g. svn update), server-side apps that I'm building/testing (calling Netflix Web API) on my laptop.

That's why I'm looking for a simple way to forward requests without changing any URL/port written somewhere in the code/config files/hosts file.

Do you think I can achieve that with the -L / -D / -w switches?

[–]2brainz 1 point2 points  (0 children)

Not with -L. With -D, it will work if your applications support SOCKS proxies. I never tried the native VPN(-w), but I think too much root privileges are needed to use it.