3

IT has the lab locked down so I can't do apt-get updates or install any packages on the Ubuntu machine. We have a Windows RDP desktop that has limited internet access. I have an SSH server running on the Windows box and I can SSH tunnel to it from the Ubuntu machine with the following:

ssh -CND localhost:1080 me@windowsbox

The problem is I still can't resolve any DNS from the Ubuntu machine. So what I would like to do is configure DNS to also go through the SSH tunnel. And yes, I have seen many other posts about configuring Firefox or whatever browser to do so, but that does not apply here. I am looking for system-level DNS or at the very least the ability for apt-get to resolve through the tunnel.

Thanks

omencat

1 Answer

1

You have full control over the client, that's good. You don't mention how much control you have over the SSH server. If you control the server side, then you could start a UDP-to-TCP proxy on your client as indicated here:

socat -T15 udp4-recvfrom:53,reuseaddr,fork tcp:localhost:5353

And then forward the TCP connection via SSH to your server where you start a TCP-to-UDP daemon:

socat tcp4-listen:5353,reuseaddr,fork UDP:nameserver:53

There is SSHuttle (e.g. mentioned here). There is a patch to forward DNS queries easily.

YMMV, but I have had success with the following:

#!/bin/bash
# Taken from http://stackoverflow.com/questions/4594319/shell-replace-cr-lf-by-comma
# Collect the DNS servers NetworkManager reports and join them with commas
DNSSERVERS=$(nmcli d show | grep DNS | awk '{print $2}' | sed -e 'H;${x;s/\n/,/g;s/^,//;p;};d')
sshuttle \
    -vvv \
    --dns-hosts "${DNSSERVERS}" \
    -r server \
    254.254.254.254/32
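
An added example, not part of the answer above: the socat pair relays raw datagram bytes, so it needs a socat on both ends of the tunnel. This Python sketch goes one step further and adds the 2-byte length prefix that DNS over TCP uses (RFC 1035, section 4.2.2), so the client end can talk through a plain `ssh -L` forward straight to the nameserver's TCP port 53. It assumes the nameserver answers TCP queries and the SSH server permits port forwarding; the function names are illustrative.

```python
"""UDP-to-TCP DNS relay with RFC 1035 length framing (added example)."""
import socket
import struct


def frame(message: bytes) -> bytes:
    """Prefix a DNS message with its 2-byte big-endian length (DNS over TCP)."""
    if len(message) > 0xFFFF:
        raise ValueError("DNS message too large for TCP framing")
    return struct.pack("!H", len(message)) + message


def recv_exact(sock: socket.socket, count: int) -> bytes:
    """Read exactly count bytes; TCP may deliver one message in pieces."""
    data = b""
    while len(data) < count:
        chunk = sock.recv(count - len(data))
        if not chunk:
            raise ConnectionError("upstream closed mid-message")
        data += chunk
    return data


def read_framed(sock: socket.socket) -> bytes:
    """Read one length-prefixed DNS message from a TCP stream."""
    (length,) = struct.unpack("!H", recv_exact(sock, 2))
    return recv_exact(sock, length)


def relay_once(udp_sock: socket.socket, upstream: tuple, timeout: float = 15.0) -> bytes:
    """Forward one UDP query over TCP and send the reply back to the client."""
    query, client = udp_sock.recvfrom(4096)
    with socket.create_connection(upstream, timeout=timeout) as tcp:
        tcp.sendall(frame(query))
        reply = read_framed(tcp)
    udp_sock.sendto(reply, client)
    return reply


if __name__ == "__main__":
    # Assumed setup: `ssh -L 5353:nameserver:53 me@windowsbox` is already running,
    # so 127.0.0.1:5353 reaches the nameserver's TCP port. Binding port 53 needs root.
    listener = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    listener.bind(("127.0.0.1", 53))
    while True:
        try:
            relay_once(listener, ("127.0.0.1", 5353))
        except OSError as exc:  # one failed lookup must not stop the relay
            print("relay error:", exc)
```

With the relay running, pointing `/etc/resolv.conf` at `nameserver 127.0.0.1` sends system lookups, including those made by apt-get, through the tunnel.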