IT has the lab locked down so I can't do apt-get updates or install any packages on the Ubuntu machine. We have a Windows RDP desktop that has limited internet access. I have an SSH server running on the Windows box and I can SSH tunnel to it from the Ubuntu machine with the following:
ssh -CND localhost:1080 me@windowsbox
The problem is I still can't resolve any DNS from the Ubuntu machine. So what I would like to do is also configure DNS to go through the SSH tunnel. And yes, I have seen many other posts about configuring Firefox or whatever browser to do so, but that does not apply here. I am looking for system-level DNS or at the very least the ability for apt-get to resolve through the tunnel.
Thanks
How much control do you have over the Ubuntu box? – Paul – 2015-03-20T01:34:51.090
Hi Paul, root on the Ubuntu box. I am also a domain admin, but I have no control of Cisco firewall rules. – omencat – 2015-03-20T01:36:29.443
You are going to have to redirect packets for TCP and UDP 53 into the tunnel. DNS is one of the hardest things to get to proxy (which causes the TOR foundation some vexation), because so many applications perform independent queries instead of relying on the system's API for the task. You can probably forward it via iptables. – Frank Thomas – 2015-03-20T01:37:55.343
You can do it with netcat and a fifo if you have Linux at both ends, but it would need to be adapted to use Windows - I am not sure what the equivalent to a fifo is on Windows: http://www.qcnetwork.com/vince/doc/divers/udp_over_ssh_tunnel.html – Paul – 2015-03-20T02:27:05.947
Ah, both interesting solutions. I might want to try the iptables method. The security team provided a DNS IP to use, but they are now injecting their own SSL certs! This will work for me, but for future Google searchers the two solutions above look like they might do the trick. – omencat – 2015-03-20T20:13:43.567
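An added example, not code from this thread: SSH forwards only TCP, so the UDP queries the comments talk about redirecting have to be re-sent as DNS over TCP, which frames each message with a 2-byte length prefix. The sketch assumes a second forward such as `ssh -L 1053:<dns-server-ip>:53 me@windowsbox` (the DNS address is a placeholder) and the port numbers and function names are illustrative.

```python
import socket
import struct

def frame(msg: bytes) -> bytes:
    """DNS over TCP puts a 2-byte big-endian length before each message."""
    if len(msg) > 0xFFFF:
        raise ValueError("DNS message too large for TCP framing")
    return struct.pack("!H", len(msg)) + msg

def recv_exact(sock: socket.socket, n: int) -> bytes:
    """Read exactly n bytes; a TCP recv() may return fewer."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("upstream closed mid-message")
        buf += chunk
    return buf

def read_framed(sock: socket.socket) -> bytes:
    (length,) = struct.unpack("!H", recv_exact(sock, 2))
    return recv_exact(sock, length)

def relay_once(udp: socket.socket, upstream: tuple) -> bool:
    """Relay one UDP query over TCP; True if an answer was sent back."""
    query, client = udp.recvfrom(4096)
    if len(query) < 12:                 # shorter than a DNS header: drop
        return False
    with socket.create_connection(upstream, timeout=5) as tcp:
        tcp.sendall(frame(query))
        answer = read_framed(tcp)
    if answer[:2] != query[:2]:         # transaction ID must match the query
        return False
    udp.sendto(answer, client)
    return True

def serve(listen=("127.0.0.1", 53), upstream=("127.0.0.1", 1053)):
    # Both addresses are assumptions: port 53 needs root, and 1053 is the
    # local end of the assumed `ssh -L` forward to the DNS server.
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp.bind(listen)
    while True:
        try:
            relay_once(udp, upstream)
        except (OSError, ConnectionError) as exc:
            print("relay error:", exc)

if __name__ == "__main__":
    serve()
```

With the relay running, the system resolver has to be pointed at the listen address for apt-get to use it. Answers are passed back unmodified, so a reply larger than the client's UDP buffer is not truncated for it.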