A few years ago I discovered one of those game changing tools. That tool is sshuttle. This simple tool is incredibly useful and allows me to route my DNS requests through an SSH tunnel enabling circumvention of firewalls, geo-location content blocks and even protects your traffic from the casual coffee shop packet sniffer.
Installation on Linux is simple via most package managers. Mac is again simple using brew
. You can also use pip to install sshuttle
which is documented here.
You can get started via the command line but `sshuttle` really comes into its own when wrapped with some bash aliases. Here's some of my examples...
alias stun='curl -4 ifconfig.co && sshuttle --dns --daemon --pidfile=/tmp/sshuttle.pid -x host.domain.com -r host 0/0 && curl -4 ifconfig.co'
alias xtun='[[ -f /tmp/sshuttle.pid ]] && kill $(cat /tmp/sshuttle.pid)'
Configuration of bash aliases varies a lot per OS so I won't include how to set that up here but those two lines above (typically they live in ~/.bashrc
) enable you to type stun
and then have your traffic appear as if it originates via the target host. The two curl invocations show you your WAN IP address before and after the command. If everything went as expected your new IP should be the same as the public WAN IP of the SSH host you connected to.