sshuttle is just what I need to get occasional remote access to all machines on my home network. I already have remote ssh access set up and don't want the hassle of setting up OpenVPN or Wireguard. Thanks for your time and effort with these great videos Shawn.
Thank you! I got to teach a Cisco Academy in a high school years ago, it was pretty great. I miss working with kids. (maybe that's why I often act like one, lol!)
Excuse me i have a question. He says there is no encryption in this "socks proxy" or at least i understood that from his sayings. But isn't SSH a secure encrypted tunnel?? So when we route the traffic over that tunnel, it should be all encrypted shouldn't it?
Wow! The dynamic port forwarding is already cool, but this sshuttle seems even better! I wonder though, this program is needed to be installed locally only? Nothing needs to be setup remotely on ssh servers? Thanks for the video!
So, the reason I've been scarce this month is that I'm finalizing the equipment and connectivity changes so I can create a little datacenter at my farm with commercial internet service and redundant power, etc, etc. A big motivation for that is to set up email servers to host my domains. :)
Hello! Thank you for your work! I wonder what would be the steps for routing the traffic from a home webserver to a remote VPS, just to hide my home IP address. I am running a few websites, radio station and some little Telegram bots, but I am not happy that everyone is connecting to my home IP. Would a DigitalOcean Ubuntu/Debian cheap droplet do the job? There is not much traffic, so I am not worried about the performance.
Oh, a cheap droplet would certainly do the trick. It doesn't take much horsepower to do something like you describe. And yeah, the hit would be on performance, but if that's not crucial -- I'd say give it a try! :D
MAKE MORE VIDEOS RELATED TO DOCKER + mail server .. examples: 1) setup mail server postfix + dovecot + postfix admin , 2) postal smtp only with web gui, 3) haproxy , 4) CrowdSec, 5) fail2ban .. thanks
Yeah, that is a good policy. My Austrian server is static and publicly visible to anyone who visits my website, and my home IP is very dynamic. The home IP is obviously the more disconcerting one to expose, but the local infrastructure is changing drastically soon. tl;dr - you are 100% correct, but I opted to be lazy in the short term, as it will be moot soon. :)
Hi, Thanks for the perfect video I have a v2ray VPN server and use its client app on my family's and my phone to connect to it. but recently my connection directly to my server has abrupted because of geo-restriction. I used a VPS from not restricted location as an intermediate to tunnel all traffic through it to my VPN server using iptables like the below: sysctl net.ipv4.ip_forward=1 iptables -t nat -A PREROUTING -p tcp --dport 22 -j DNAT --to-destination (intermediate-server ip) iptables -t nat -A PREROUTING -j DNAT --to-destination (vpn-server ip) iptables -t nat -A POSTROUTING -j MASQUERADE after a while, the data center banned using this method. could I use sshuttle to cross all traffic from multiple ports through that intermediate server? (the clients connect to server using different ports.) for example use this command on intermediate server: sshuttle -r (intermediate-server ip) 0/0 or any other recommendations instead? thanks, in advance.
sshuttle is just what I need to get occasional remote access to all machines on my home network. I already have remote ssh access set up and don't want the hassle of setting up OpenVPN or Wireguard. Thanks for your time and effort with these great videos Shawn.
Thank you for the kind words! And yeah, it's not something I'd rely on for a regularly-used connection, but boy is it nice in a pinch.
as a Cisco instructor, I enjoyed how you present your knowledge, easy to understand, Regards from IRAN :)
Thank you! I got to teach a Cisco Academy in a high school years ago, it was pretty great. I miss working with kids. (maybe that's why I often act like one, lol!)
Excuse me i have a question. He says there is no encryption in this "socks proxy" or at least i understood that from his sayings. But isn't SSH a secure encrypted tunnel?? So when we route the traffic over that tunnel, it should be all encrypted shouldn't it?
Wow! The dynamic port forwarding is already cool, but this sshuttle seems even better!
I wonder though, this program is needed to be installed locally only? Nothing needs to be setup remotely on ssh servers?
Thanks for the video!
Thanks, learnt some cool new tricks!
Traffics through SSH tunnel is always encrypted.
This is because the SSH is a secured protocol hence it encrypts all Traffics through it
Can you make more videos related to mail servers (exim, powermta , postfix , postal etc) how to setup, how to config and optimize ?
So, the reason I've been scarce this month is that I'm finalizing the equipment and connectivity changes so I can create a little datacenter at my farm with commercial internet service and redundant power, etc, etc. A big motivation for that is to set up email servers to host my domains. :)
I’ve never heard of sshuttle before, that’s pretty cool. I’ve been using OpenVPN for years, but I’ll have to check it out.
It's one of those things that I don't use often, but when I need it, it's SO useful. :)
Hello! Thank you for your work! I wonder what would be the steps for routing the traffic from a home webserver to a remote VPS, just to hide my home IP address. I am running a few websites, radio station and some little Telegram bots, but I am not happy that everyone is connecting to my home IP. Would a DigitalOcean Ubuntu/Debian cheap droplet do the job? There is not much traffic, so I am not worried about the performance.
Oh, a cheap droplet would certainly do the trick. It doesn't take much horsepower to do something like you describe. And yeah, the hit would be on performance, but if that's not crucial -- I'd say give it a try! :D
Thanks, man, for making it so easy.
Thank YOU for watching, let letting me know it was useful! :)
welcome back!
Thanks!!!
can i do the exact same thing on windows? i really need a poor man one on windows
yes,
Shawn, please make a video about tunneling (different types of tunneling if possible) and proxy, please. I just cannot understand them :D
Yes!!! That’s my next SSH video. Forward and reverse tunnels. They’re SUPER useful. (And can be a sneaky way to get past a firewall, mwahahahaaaa)
@@shawnp0wers Awesome! Cannot wait! Hope you will go deeper as I find it really difficult to grasp.
@@MrMehi-hw3mq I’ll do my best to explain, likely with lots of poor drawings. :)
beautiful 🙂
Thanks! :D
Brilliant 🤩
MAKE MORE VIDEOS RELATED TO DOCKER + mail server .. examples: 1) setup mail server postfix + dovecot + postfix admin , 2) postal smtp only with web gui, 3) haproxy , 4) CrowdSec, 5) fail2ban .. thanks
I'll do my best to cover as many of those types of things as I can! Thanks for the ideas!
good video
learned a lot
Thank you, and I'm glad!
Man you are awesome Thanks
Thank you! :)
Excellent🎉 🇮🇷🇺🇸
Why don't they automatically exclude the SSH endpoint? It sounds redundant for you to have to exclude it yourself
It’s gotten REALLY finicky since the last time I used it. Kinda sad, actually.
Protip: Don't expose your public IP on RUclips.
Yeah, that is a good policy. My Austrian server is static and publicly visible to anyone who visits my website, and my home IP is very dynamic. The home IP is obviously the more disconcerting one to expose, but the local infrastructure is changing drastically soon.
tl;dr - you are 100% correct, but I opted to be lazy in the short term, as it will be moot soon. :)
Hi, Thanks for the perfect video
I have a v2ray VPN server and use its client app on my family's and my phone to connect to it. but recently my connection directly to my server has abrupted because of geo-restriction. I used a VPS from not restricted location as an intermediate to tunnel all traffic through it to my VPN server using iptables like the below:
sysctl net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -p tcp --dport 22 -j DNAT --to-destination (intermediate-server ip)
iptables -t nat -A PREROUTING -j DNAT --to-destination (vpn-server ip)
iptables -t nat -A POSTROUTING -j MASQUERADE
after a while, the data center banned using this method. could I use sshuttle to cross all traffic from multiple ports through that intermediate server?
(the clients connect to server using different ports.)
for example use this command on intermediate server:
sshuttle -r (intermediate-server ip) 0/0
or any other recommendations instead?
thanks, in advance.