I came across a situation where I needed to install software on a server that didn’t have internet access, except for the apt-get commands which are only reaching specific Internet addresses (allowed by the firewall).
So in our network there is a Linux server that does have full Internet access. The idea here is to use that server as a Socks5 proxy for all needed Internet access. Since not all the Linux command line programs do support the setting of http_proxy bash variable, I want a proxy setup that allows any program to access internet via the ‘proxy’ server in the following fashion:
Server-without-internet(ServerA) ==>> Server-with-internet(ServerB) ==>> Internet
The method used here is to set-up an SSH-Socks5 tunnel in ServerA and ServerB and use the wrapper program tsocks to start the programs that need Internet access. Why a wrapper? Because not all the programs can deal with Socks5 proxying. tsocks does the handling and strarts any command we want which should access Internet. A good example of this in the Installation of the complex GitLab system. In those examples we assume that your are logged-in as superuser root in both servers.
Setup a backwards tunnel in ServerB
ssh -f -N -R 2222:localhost:22 ServerA
Setup a Socks5 tunnel using SSH in ServerA
ssh -f -N -A -D 8888 root@localhost -p 2222
Install tsocks package
apt-get install tsocks
Rename the original config file
mv /etc/tsocks.conf /etc/tsocks.conf.orig
Edit tsocks configuration file
server = 127.0.0.1
server_port = 8888
server_type = 5
Access the internet for programs via the wrapper tsocks.
tsocks wget //google.de
tsocks gem install bundler
git config --global http.proxy 'socks5://127.0.0.1:8888'
git config --global https.proxy 'socks5://127.0.0.1:8888'