Go back

Connect Local and Development Environments via Proxy

Published:  at  05:32 PM

In most enterprises, the development environment is deployed on specific hosts. When developing locally, we often need to connect to the development environment for debugging, and proxies are widely used in this scenario. Below, through three examples of how I use proxies to access development environments, I’ll introduce how to freely access the necessary resources using a proxy.

1. Using SSH Dynamic Forwarding as a Proxy

If you can SSH directly into the host via VPN or the corporate intranet, you can use SSH’s dynamic port forwarding feature as a proxy:

ssh -fND localhost:1080 user@host_ip

This command starts a SOCKS proxy on the local port 1080, and requests to that port are forwarded to the target host through the SSH connection. Note that to use this feature, the SSH configuration file /etc/ssh/sshd_config on the target host must have AllowTcpForwarding enabled:

AllowTcpForwarding yes

Once the proxy is set up, many command-line tools that support proxies can access internal resources, for example:

# curl: via command argument
curl -x localhost:1080 ip:port

# kubectl: via http_proxy and https_proxy environment variables
export http_proxy=localhost:1080 https_proxy=localhost:1080
kubectl get node

For command-line tools that don’t support proxies, you can use proxychain to make them go through a proxy:

proxychains4 telnet targethost.com

For desktop applications, you can use Proxifier to set global proxy rules so that IDEs and database clients use the proxy when accessing resources.

2. Connecting via SSH Through a Proxy

If you can’t SSH directly into the host due to firewall restrictions (for example, no permission for port 22), but you can access a proxy on that host, you can still SSH into it through the proxy.

The SSH command supports the ProxyCommand parameter, which allows you to call an external command to handle the network connection. Tools like connect-proxy or corkscrew can be used to SSH through a proxy, for example:

# connect-proxy
ssh user@host_ip -o ProxyCommand='connect -H proxy_ip:proxy_port %h %p'

Alternatively, you can also use the proxychain tool mentioned earlier:

proxychains4 ssh user@host_ip

3. Setting Up a Proxy Without Root Privileges

If you can access the host but its SSH configuration file /etc/ssh/sshd_config has AllowTcpForwarding disabled, and you don’t have root privileges to enable it, you can’t use SSH dynamic forwarding as a proxy.

In this case, you need to set up your own proxy. Using Go to build a proxy service is a good choice, since Go binaries can run independently in different environments. Using the go-socks5 library, you can easily implement a SOCKS proxy:

package main

import (
    "github.com/things-go/go-socks5"
)

func main() {
    if err := socks5.NewServer().ListenAndServe("tcp", ":1080"); err != nil {
        panic(err)
    }
}

After compiling and running it on the host, a SOCKS proxy will start on port 1080:

go build -o proxy main.go
./proxy

Summary

Proxies are an essential part of the development process. This article introduced practical methods for using SSH, proxies, and building your own proxy server. With these techniques, you can configure a more efficient development environment and greatly boost productivity.

Share this post on:
Share this post via WhatsApp Share this post on Facebook Share this post on X Share this post via Telegram Share this post on Pinterest Share this post via Mail
Previous Post
20 Tools of Titans
Next Post
Why Using iptables to Block k8s NodePort Does Not Work