
This post on unix.se explains how to tunnel SSH over shadowsocks.

This post on sec.se discusses some of the vulnerabilities of shadowsocks (namely its vulnerability to brute force).

After reading through the shadowsocks protocol and doing a quick overview of the code base, it seems that tunneling SSH over shadowsocks would provide a means of bypassing stateful packet inspection (shadowsocks) while still maintaining a decent level of security (OpenSSH).

For example:

# ~/.bashrc 
export http_proxy=socks5://127.0.0.1:1080 
export https_proxy=socks5://127.0.0.1:1080 
export SOCKS5_PASSWORD=<superstrongpassword>

# ~/.ssh/config 
Host <hostname alias>
 HostName <ip or domain name>
 User <user>
 IdentityFile <path to ssh key>
 ProxyCommand connect -S 127.0.0.1:1080 %h %p

Is this a sound assumption or would using them together like this expose a vulnerability that I missed?

If someone was able to brute force the shadowsocks <superstrongpassword> would they have any access to my box beyond just using it as a proxy?

Note: I am also reading through the connect-proxy code now. If anyone knows of any issues with that I would be interested.

Stephen King
CaffeineAddiction
  • I know this is example code, but want to mention that in real code you should not store your password in clear text. – Neil Smithline Apr 11 '18 at 14:01
  • @NeilSmithline agreed ... however I don't really care about the encryption or security provided by shadowsocks. Just using it to get past the FW. SSH and pubkey auth is what I am depending on for security. shadowsocks password is just a randomly generated string in my case. As a general rule of thumb I would agree with you though. – CaffeineAddiction Apr 12 '18 at 04:45

0 Answers