Simple way to proxy all your traffic through SSH (LINUX)


Requirements:
VPS – can be lowend since we only need to connect to it
Machine that will use proxy

1. Setup passwordless ssh access via keys (Linux)

Type this in terminal on main server:

ssh-keygen -t rsa -C mainserver

Press Enter at every passphrase prompt to leave the key without a passphrase (so you don’t need to type a password to connect)

Now you should see the files id_rsa and id_rsa.pub in your .ssh directory in your home folder:

ls ~/.ssh
authorized_keys  id_rsa  id_rsa.pub  known_hosts

P.S: don’t worry if you don’t have “authorized_keys” or “known_hosts” files 🙂

2. Make it secure:

Connect to remote host and make new user (named proxy here):

adduser proxy

then just press enter until you need to confirm that all information is correct, press y and then enter to create new user

Change default SSH port (22) to something random (Port you can access on remote server)

nano /etc/ssh/sshd_config

Find: "Port 22"

and change it to Port x where x is your chosen port

3. Copy public key to Remote host (Proxy):

cat ~/.ssh/id_rsa.pub | ssh proxy@remote-host 'install -d -m 700 ~/.ssh; cat >> .ssh/authorized_keys'

4. Try to login with same username that you used to copy public key:

ssh proxy@remote-host

you should be auto connected now

5. Use this as proxy:

ssh -D 1025 proxy@remote-host [-p x (only if you changed port)]

now set local proxy settings to

Firefox Proxy settings:

Socks host: localhost and port 1025 (or any port you chose before on -D switch)

6. Make it persistent
as root install screen: “apt-get install screen” and edit /etc/rc.local file

nano /etc/rc.local

and add this line to it

/usr/bin/screen -dmS screenname bash -c 'ssh -C -D 1025 proxy@remote-ip-address' &

“-C” is used to compress traffic and lower bandwidth 😉

copy the private key from the user you used before (if it wasn’t root, of course)

cp /home/proxy/.ssh/id_rsa ~/.ssh/id_rsa

this way ssh proxy will auto start when system is booted 🙂
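
A hardened variant of steps 3, 5 and 6, as an added example that is not part of the original tutorial; it goes beyond the tutorial by limiting the key to port forwarding and by restarting the tunnel when it drops. The function names are hypothetical, proxy@remote-host and port 1025 are the tutorial's placeholders, and the restrict option assumes OpenSSH 7.2 or newer on the VPS.

```bash
#!/bin/sh
# Added example, not from the original tutorial. Function names are
# hypothetical; proxy@remote-host and port 1025 are the tutorial's placeholders.

# Step 3 variant: prefix the public key with authorized_keys options so the
# key can only forward ports: no PTY, no agent/X11 forwarding, and any
# requested command is replaced by /bin/false (assumes OpenSSH 7.2+).
restricted_key_line() {
    case $1 in
        ssh-*\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a public key line" >&2; return 1 ;;
    esac
    printf 'restrict,port-forwarding,command="/bin/false" %s\n' "$1"
}

# Accept only decimal ports in 1..65535.
valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Step 5 variant. Usage: tunnel_once SOCKS_PORT USER@HOST [SSH_PORT]
# -N opens no remote shell, the SOCKS listener binds to loopback only,
# BatchMode fails instead of prompting, and keepalives end a dead session.
# Set SSH=echo to print the arguments instead of connecting.
tunnel_once() {
    valid_port "$1" && valid_port "${3:-22}" && [ -n "${2:-}" ] || return 64
    ${SSH:-ssh} -N -C -D "127.0.0.1:$1" -p "${3:-22}" \
        -o BatchMode=yes -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=30 -o ServerAliveCountMax=3 "$2"
}

# Step 6 variant: reconnect whenever ssh exits; stop only on bad arguments.
keep_tunnel() {
    while :; do
        tunnel_once "$@"
        [ $? -eq 64 ] && return 64
        echo "tunnel closed, retrying in 10s" >&2
        sleep 10
    done
}

# Run as: sh socks-tunnel.sh run 1025 proxy@remote-host [SSH_PORT]
if [ "${1:-}" = run ]; then
    shift
    keep_tunnel "$@"
fi
```

The line printed by restricted_key_line is what goes into .ssh/authorized_keys on the VPS in place of the bare public key.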

I hope you liked this tutorial, if you don’t understand something or have problems feel free to comment below 🙂 Suggestions are appreciated 😉

P.S: you can now use cheap vps to run proxy on them :p


Cheap VPS hosting providers:

VirtWire (Recommended: fast servers, cached ssd, low memory available)

GestionDBI

 

How to upgrade your ordinary router with functionality of a high cost one with Tomato firmware


Here is how to install Tomato firmware on your cheap Wi-Fi router to attain functionality of a high cost router.

What if you could enhance your router’s functionality just by changing its software? Few people understand why some routers cost $15 and others cost hundreds of dollars.

There are hardware differences and… software differences.

Using a custom firmware (if supported by the router) can give you options/features available on much more expensive hardware.

One such firmware is Tomato USB. It’s an open source firmware for Broadcom-based routers.

The first step is to see if your router is supported by Tomato, so please check Shibby Tomato Builds. If it is, get the newest version and flash it through the administration interface.

Usually, there are some flavors: AIO (All in One) or VPN (few features, smaller size, perfect for most users).

If it cannot be flashed through Web interface (like Asus RT-N53), you must use the emergency procedure (see router documentation) to upload the custom firmware to the router.

After you install and set up all the usual settings on Tomato (WIFI, LAN etc.), you can go further, and with some work, you can install many programs, for example a webserver with PHP support or Transmission Torrent client (the router must have USB ports).

Different routers have different flash memory sizes. Inside the flash reside the firmware and settings. Depending on the flash size and firmware size (VPN or AIO), some unused space might still remain, so you can create a JFFS partition to install software. This is critical for routers without USB or if you do not want to use a USB drive. If you do want to use a USB drive, read here how to create a partition, and after you create it, continue this tutorial from Step 3.

Okay, let’s start.
Step 1: Create a JFFS partition.
Go to Administration – JFFS – Enable – Format Erase

In the text box paste:

mount -o bind /jffs /opt

Wait a few minutes, and if you do not get any message, reboot the router.

Step 2:
Go to Administration – Admin Access and modify the default port settings for router administration (ex: 8082).
This will allow you to access your router on specified port.

http://ip_router:8082
default: http://192.168.1.1:8082

Step 3:
Access the router on SSH using Putty (Windows) or Terminal (Mac).

On Mac, the command is:

ssh -l root IP

The username must be root, and the password is that of the admin user.

Step 4:
Install Optware package manager by using the following code.

cd /tmp

wget http://tomatousb.org/local--files/tut:optware-installation/optware-install.sh -O - | tr -d '\r' > /tmp/optware-install.sh

chmod 755 optware-install.sh

sh optware-install.sh

Note that it may take time depending on your internet speed and your router’s processing power.
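
One way to run the installer from Step 4 only after its contents match a hash you recorded when you reviewed it, since the script is fetched over plain HTTP and executed as root. This is an added example, not part of the original tutorial; the function names are hypothetical, and it assumes sha256sum is available on the router's firmware.

```bash
#!/bin/sh
# Added example, not from the original tutorial. Function names are
# hypothetical; assumes sha256sum exists on the router's firmware.

# Print the SHA-256 of a file as 64 lowercase hex characters.
sha256_of() {
    sha256sum "$1" | cut -d' ' -f1
}

# Succeed only when the file's hash equals the pinned value. A pin that is
# not exactly 64 hex characters (for example an unfilled placeholder) fails.
verify_pinned() {
    case $2 in ''|*[!0-9a-f]*) return 1 ;; esac
    [ "${#2}" -eq 64 ] || return 1
    [ "$(sha256_of "$1")" = "$2" ]
}

# Usage: run_if_pinned DOWNLOADED_FILE PINNED_SHA256
# Strips CR characters as Step 4 does, hashes the result, and runs it only
# on a match, so the bytes that were verified are the bytes that execute.
run_if_pinned() {
    clean="$1.unix"
    tr -d '\r' < "$1" > "$clean" || return 1
    if verify_pinned "$clean" "$2"; then
        sh "$clean"
    else
        echo "hash mismatch, refusing to run $1" >&2
        rm -f "$clean"
        return 1
    fi
}

# On the router (the pin is a placeholder to fill in after reviewing the script):
#   wget <installer URL from Step 4> -O /tmp/optware-install.raw
#   run_if_pinned /tmp/optware-install.raw <sha256 recorded at review time>
```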

Step 5:
Install nano (text editor), lighttpd (webserver), and PHP

ipkg install nano
ipkg install lighttpd
ipkg install php-fcgi

Step 6: Edit the lighttpd configuration file.

nano /opt/etc/lighttpd/lighttpd.conf

and add this:

server.event-handler = "poll"

Modify the default running port of the webserver (default is 8081).

server.port = 80

Save everything and close nano.

Step 7:
Restart the webserver.

/opt/etc/init.d/S80lighttpd restart

Now you can put files and scripts in /opt/share/www/

If you want your webserver to be accessible from WAN, you need to add these lines to the Firewall script (Administration – Scripts – Firewall):

iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT

It’s done! Now enjoy the features on your budget router. Do post your queries or suggestions in the comments.

 

What’s the Best File System for My Linux Install?


File systems: they’re not the most exciting things in the world, but important nonetheless. In this article we’ll go over the popular choices for file systems on Linux – what they’re about, what they can do, and who they’re for.

file system ext4

If you’ve ever installed Linux before, chances are you’ve seen the “Ext4” during installation. There’s a good reason for that: it’s the file system of choice for just about every Linux distribution available right now. Sure, there are some that choose other options, but there’s no denying that Extended 4 is the file system of choice for almost all Linux users.

What can it do?

Extended 4 has all of the goodness that you’ve come to expect from past file system iterations (Ext2/Ext3) but with enhancements. There’s a lot to dig into, but here are the best parts of what Ext4 can do for you:

  • file system journaling
  • journal checksums
  • multi-block file allocation
  • backwards compatibility support for Extended 2 and 3
  • persistent pre-allocation of free space
  • improved file system checking (over previous versions)
  • and of course, support for larger files

Who is it for?

Extended 4 is for those looking for a super-stable foundation to build upon, or for those looking for something that just works. This file system won’t snapshot your system; it doesn’t even have the greatest SSD support, but if your needs aren’t too extravagant, you’ll get along with it just fine.

file systems btrFS

The B-tree file system (also known as butterFS) is a file system for Linux developed by Oracle. It’s a new file system and is in heavy development stages. The Linux community considers it unstable to use for some. BtrFS is built around the principle of copy-on-write. Copy on write basically means that the system has one single copy of a bit of data before the data has been written. When the data has been written, a copy of it is made.

What can it do?

Besides supporting copy-on-write, BtrFS can do many other things – so many things, in fact, that it’d take forever to list everything. Here are the most notable features: The file system supports read-only snapshots, file cloning, subvolumes, transparent compression, offline file system check, in-place conversion from ext3 and 4 to Btrfs, online defragmentation, and has support for RAID 0, RAID 1, RAID 5, RAID 6 and RAID 10.

Who is it for?

The developers of BtrFS have promised that this file system is the next-gen replacement for other file systems out there. That much is true, though it certainly is a work in progress. There are many killer features for advanced users and basic users alike (including great performance on SSDs). This file system is for those looking to get a little bit more out of their file system and who want to try the copy-on-write way of doing things.

file systems xfs

Developed and created by Silicon Graphics, XFS is a high-end file system that specializes in speed and performance. XFS does extremely well when it comes to parallel input and output because of its focus on performance. The XFS file system can handle massive amounts of data, so much in fact that some users of XFS have close to 300+ terabytes of data.

What can it do?

XFS is a well-tested data storage file system created for high performance operations. Its features include:

  • striped allocation of RAID arrays
  • file system journaling
  • variable block sizes
  • direct I/O
  • guaranteed-rate I/O
  • snapshots
  • online defragmentation
  • online resizing

Who is it for?

XFS is for those looking for a rock-solid file solution. The file system has been around since 1993 and has only gotten better and better with time. If you have a home server and you’re perplexed on where you should go with storage, consider XFS. A lot of the features the file system comes with (like snapshots) could aid in your file storage system. It’s not just for servers, though. If you’re a more advanced user and you’re interested in a lot of what was promised in BtrFS, check out XFS. It does a lot of the same stuff and doesn’t have stability issues.

file system Reiser4

Reiser4, the successor to ReiserFS, is a file system created and developed by Namesys. The creation of Reiser4 was backed by the Linspire project as well as DARPA. What makes Reiser4 special is its multitude of transaction models. There isn’t one single way data can be written; instead, there are many.

What can it do?

Reiser4 has the unique ability to use different transaction models. It can use the copy-on-write model (like BtrFS), write-anywhere, journaling, and the hybrid transaction model. It has a lot of improvements upon ReiserFS, including better file system journaling via wandering logs, better support for smaller files, and faster handling of directories. Reiser4 has a lot to offer. There are a lot more features to talk about, but suffice it to say it’s a huge improvement over ReiserFS with tons of added features.

Who is it for?

Reiser4 is for those looking to stretch one file system across multiple use-cases. Maybe you want to set up one machine with copy-on-write, another with write-anywhere, and another with hybrid transaction, and you don’t want to use different types of file systems to accomplish this task. Reiser4 is perfect for this type of use-case.

There are many file systems available on Linux. Each serves a unique purpose for unique users looking to solve different problems. This post focuses on the most popular choices for the platform. There is no doubt there are other choices out there for other use-cases.

What’s your favorite file system to use on Linux? Tell us why below!

 

Twitch’s latest insane adventure: Installing Linux


Twitch playing Pokémon was easy mode. Tomorrow, Twitch viewers will be invited to do something altogether more challenging: install Arch Linux. Using the same Twitch chat-driven concept as the collaborative Pokémon playthrough, anyone will be able to enter commands and control the installation process.

Normally, installing Linux is quicker and easier than winning Pokémon. The install processes have been made broadly idiot-proof, especially if you’re installing into a safe virtual machine environment and so don’t even run the risk of clobbering a disk accidentally. But if Twitch chat has accomplished anything, it’s breeding a better idiot, one that is mindlessly bloody-minded, and so we fully anticipate that there will be trolling. Trolling Pokémon revolved principally around getting stuck repeatedly in menus and releasing captured Pokémon—annoying to those trying to complete the game but little that would force players to start from scratch.

Linux, in contrast, opens the door to a whole world of exotic trolling opportunities. There are old classics such as rm -rf / to wipe the disk, or dd if=/dev/zero of=/dev/hda to really wipe the disk. There’s the casual annoyance of kill -9 1, or comedy options such as the bash fork bomb of :(){ :|:& };:. We wouldn’t be surprised to see the machine casually trapped in a reboot loop or have its hardware removed to leave it incapable of I/O.

And who knows, even more exotic options are also possible; security attacks to break into the virtual machine host, recruiting of the machine into botnets, or denial of service attacks. Also possible: a ton of copy-pasta and Kappa spam. Twitch wouldn’t really be Twitch without it.

The project kicks off on Saturday October 31 at 4pm Eastern.

 