Shulou(Shulou.com)06/01 Report--

This article introduces the knowledge of "how to use Squid to configure SSH proxy server". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

Sometimes you can't connect to the SSH server locally. In other cases, you may want to add an extra layer of security to your SSH connection. In these cases, connecting to the SSH server through a proxy server is a solution.

Squid is a fully functional proxy server application that provides caching and proxy services. It is often used to reuse and cache previously requested web pages during browsing to help shorten response time and reduce network bandwidth.

But in this article, you will configure Squid as the SSH proxy server because it is a powerful trusted proxy server that is easy to configure.

Installation and configuration

Install the squid package using sudo:

$sudo dnf install squid-y

The squid configuration files are huge, but we only need to configure some of them. Squid uses access control lists to manage connections.

Edit the / etc/squid/squid.conf file and make sure you have the two lines explained below.

First, specify your local IP network. The default configuration file already lists the most commonly used ones, but if not, you need to add your configuration. For example, if your local IP network range is 192.168.1.X, the line would look like this:

Acl localnet src 192.168.1.0/24

Next, add the following line to add the SSH port as a secure port:

Acl Safe_ports port 22

Save the file. Now enable and restart the squid proxy service:

$sudo systemctl enable squid$ sudo systemctl restart squid

The squid agent listens on port 3128 by default. Configure firewalld to allow this service:

$sudo firewall-cmd-- add-service=squid-- perm$ sudo firewall-cmd-- reload test ssh proxy connection

To connect to the server through the ssh proxy server, we will use netcat.

If nmap-ncat is not already installed, install it:

$sudo dnf install nmap-ncat-y

This is an example of a standard ssh connection:

$ssh user@example.com

This is how the squid proxy server is used as a gateway to connect to the server.

This example assumes that the IP address of the squid proxy server is 192.168.1.63. You can also use the hostname of the squid proxy server or FQDN:

$ssh user@example.com-o "ProxyCommand nc-- proxy 192.168.1.63 proxy 3128% h% p"

Here is what these options mean:

ProxyCommand-tells ssh to use the proxy command.

Nc-the command used to establish a connection to the proxy server. This is the netcat command.

% h-placeholder for the hostname or IP address of the proxy server.

% p-placeholder for the proxy server port number.

This is the end of the content of "how to configure SSH proxy server with Squid". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.