[prev in list] [next in list] [prev in thread] [next in thread]
List: konq-bugs
Subject: [Bug 147340] New: Add support for "ssh -D ..."-type of "poor man's
From: Kurt Pfeifle <pfeifle () kde ! org>
Date: 2007-06-29 1:08:28
Message-ID: 20070629030826.147340.pfeifle () kde ! org
[Download RAW message or body]
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
http://bugs.kde.org/show_bug.cgi?id=147340
Summary: Add support for "ssh -D ..."-type of "poor man's Socks
proxy" to Konqueror
Product: konqueror
Version: unspecified
Platform: SuSE RPMs
OS/Version: Linux
Status: NEW
Severity: wishlist
Priority: NOR
Component: general
AssignedTo: konq-bugs kde org
ReportedBy: pfeifle kde org
Version: 3.5.7 ("release 47.1" openSUSE) (using KDE KDE 3.5.7)
Installed from: SuSE RPMs
OS: Linux
Lately I'm forced to use a "Socks" proxy quite often in order to
(1) get an Internet connection at all through a firewall,
(2) or in order to make it more secure when on an unsecure network
(like public hotspot in hotel/airport/etc.).,
(3) or in order to access services on ports that the proxy is not
configured to serve (irc://, news://, ...)
The way I set it up is this:
(a) create an encrypted SSH connection to a secure remote host using
the (little known "-D portnumber" parameter to ssh command):
ssh -i ~/.ssh/remote.key -p 8080 kurt remotehost -N -D 28080 -f
Above command...
...connects to me to remotehost:8080,
...(which is allowed by proxy),
...because remotehost has sshd configured to listen there,
..."-f" backgrounds the connection,
..."-N" tells it to not execute any command,
..."-D" creates a 'dynamic' application-level portforwarding from
local port :28080,
"-D portnumber" can be said to provide "poor man's Socks4/Socks5
proxy" handled by SSH.
(b) For the proxy configuration in Firefox and Thunderbird I use this
setting:
+-----------------------------------------------------------------+
| |
| [x] Manual Proxy Configuration |
| |
| HTTP Proxy:[..............................] Port:[0......] |
| [.] Use this proxy for all protocols |
| |
| SSL Proxy:[..............................] Port:[0......] |
| FTP Proxy:[..............................] Port:[0......] |
| Gopher Proxy:[..............................] Port:[0......] |
| SOCKS Host:[..localhost...................] Port:[.28080.] |
| |
+-----------------------------------------------------------------+
It works beautifully.... if I use Firefox and Thunderbird or even Inter-
net Explorer in Wine! (By adding "-g" to the ssh command line, (I can
even enable my local socks proxy to accept and pass on requests from
other local computers using software that is socks-enabled...)
Unfortunately.... this.does.not.work.in.KDE !
I can't figure out how Socks proxy support is supposed to work *at* *all*
in KDE (see screenshot)! (Probably, in an attempt to make it "magically
work" with auto-configuration only and hiding the ugly details from the
user, one can't even simply set a proxy name/ip-address and port when
it comes to the Socks protocol. Why is this? Why is this so different
from the handling of http-, https-, ftp- and gopher-proxies?!
Here is how the same configuration dialog looks in Konqueror (as you may
be well aware):
+-- Servers ------------------------------------------------------+
| |
| HTTP:[..............................] Port:[0......] |
| HTTPS:[..............................] Port:[0......] |
| FTP:[..............................] Port:[0......] |
| |
| [.] Use same proxy server for all protocols |
| |
+-----------------------------------------------------------------+
The Socks proxy configuration is outsourced to a separate tab. It looks
like this:
+-----------------------------------------------------------------+
| |
| [x] Enable SOCKS support |
| |
| +--SOCKS Implementation-------------------------------------+ |
| | | |
| | [x] Auto detect [.] NEC SOCKS [.] Dante | |
| | | |
| | [.] Use custom library | |
| | | |
| | Path: [...........................................] | |
| | | |
| +-----------------------------------------------------------+ |
| |
| +--Additional library search paths--------------------------+ |
| | | |
| | | |
| | | |
| | | |
| | | |
| +-----------------------------------------------------------+ |
| +-------+ |
| | Test | |
| +-------+ |
+-----------------------------------------------------------------+
WTF?!
Does *anyone* who has not coded this part understand how this is supposed
to work?! (I challenge you to find 5 people at aKademy who can...)
This proxy configuration module does not even have *any* documentation
about how it is supposed to work (at least I could locate none); not even
the most minimal [meaningful!] "WhatsThis" help...
(I must admit the "test" button works beautifully... it always reports
"Success: SOCKS was found and initialized." whatever settings I try there.
But alas!, no real Socks proxy connection for Konqui!
No save Internet access with KDE on public hotspots for me.
No news:// access to the CUPS and Linuxprinting.org forums with KNode
when I work on a customer site with a fascist proxy/firewall in place (I
succeed in most cases to have my customers grant me an outward SSH
connection to my trusted "remotehost" before I ever start travelling to
their sites).
##############
So, sad as it is, I can't use KMail, Kontact, Kopete, Konqueror and have
to limit myself to Firefox and Thunderbird and Internet Explorer (for most
cases where I access the Internet).
Please, I have 2 urgent wishes:
(a) fix that for KDE4; make it so that as many as possible KDE4 appli-
cations can take advantage of this "poor man's Socks proxy via
SSH"
(b) backport it to KDE 3.5
Thanks for considering!
--
Kurt Pfeifle
System & Network Printing Consultant ---- Linux/Unix/Windows/Samba/CUPS
Infotec Deutschland GmbH ..................... Hedelfinger Strasse 58
A RICOH Company ........................... D-70327 Stuttgart/Germany
_______________________________________________
Konq-bugs mailing list
Konq-bugs@mail.kde.org
https://mail.kde.org/mailman/listinfo/konq-bugs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic