ssh through socks proxy

This technique is very useful if you have a firewall between you and your destination, and somehow the only way you could get in to the destination is by ssh'ing into a jumpbox and ssh again to the destination. In this scenario example, I'll call the machine we initiate this technique as A.local, the jumpbox as B.local and the destination server as C.local, and we will use a user called aladdin.

A.local -> B.local (jumpbox) -> C.local

To do this, please follow below steps:

Add below settings to your ssh config in A.local, the file is usually ~/.ssh/config

Host B.local 

DynamicForward localhost:1080 

Host C.local 

ProxyCommand /usr/bin/nc -x localhost:1080 %h %p

Initiate a socks proxy connection, and leave it open (-D is for dunamic application-level port forwarding and 1080 can be any port of your choice, 1080 is socks proxy default port for nc):

[A.local]$ ssh -D 1080 aladdin@B.local

Open another terminal, and run ssh as if you have direct connection to C.local

[A.local]$ ssh aladdin@C.local

Voila, your ssh session will go through as if you have direct connection to C.local.


If you just doesn't want to put it into your config, you can use it on the fly by using below command after you have initiate the socks proxy:

[A.local]$ ssh -o "ProxyCommand /usr/bin/nc -x localhost:1080 %h %p" aladdin@C.local

Or you can also put it as alias for easy usage:

[A.local]$ alias 

alias proxyssh='ssh -o "ProxyCommand /usr/bin/nc -x localhost:1080 %h %p"'