5

I am trying to connect to internet via a server in local network. I don't have permissions to change server configuration.

I want to do a ssh tunnel to that server and via that using socks proxy, I want to use internet.

When I try using:

ssh -D 2222 user@server

and setting socks proxy accordingly in firefox, and opening google.com in firefox shows:

channel 3: open failed: administratively prohibited: open failed

several times for each request.

I googled it, tried many solutions, but I am not able to get it working. It may have happened that because of being new, I have not applied the solution properly.

I can ssh into the server easily and everything works fine.

I have seen other questions that this question is possible duplicate of. I am not able to resolve my problem from the answers to those questions

Some additional questions,

The port 2222 is on my localhost. I don't need permission on server to open the port 2222. It creates tunnel via ssh (port 22). Is my understanding wrong?

If not, why would I need access to server admin?

techraf
  • 5,941
nisargjhaveri
  • 251
  • This is not necessarily an exact duplicate since the OP is trying to use SSH as a proxy (option -D) to access the internet as if the traffic was generated from the remote IP. The linked question concerns a -L tunnel and the relative answers are not specific to the question asked here.

    I had the same problem as the OP and I found out that the problem was that in the Chrome proxy setting I had forgot to put "127.0.0.1" in the "Exceptions" field.

     – Luca Citi Nov 27 '16 at 19:35

1 Answers1

2

It appears you do not have permission to open a socket on that server as implied by the -D switch... Normal ssh will work because it isn't opening a local socket for listening...

A snippet from man ssh -D [bind_address:]port ... Only root can forward privileged ports. Dynamic port forwardings can also be specified in the configuration file.

Looks like you'll need to speak to the server admin. Sorry buddy.

Hickory420
  • 77
  • @jimmij In what way is this not an answer? I don't think it's right, since 2222 isn't privileged, but that's a different matter – Michael Mrozek Nov 18 '14 at 23:07
  • @jimmij I don't have enough reputation to make a comment, but enough to give an answer (doesn't make sense). In either case, the answer is, he can't do what he is trying to do without being root, which, as he stated, does not have access to root. – Hickory420 Nov 19 '14 at 00:42
  • I have updated the question, can you please look at it? – nisargjhaveri Nov 19 '14 at 11:57