{"id":3242,"date":"2025-11-05T20:17:23","date_gmt":"2025-11-06T01:17:23","guid":{"rendered":"https:\/\/blog.lufamily.ca\/kang\/?p=3242"},"modified":"2025-11-05T20:17:24","modified_gmt":"2025-11-06T01:17:24","slug":"setting-up-a-pseudo-vpn-using-sshuttle","status":"publish","type":"post","link":"https:\/\/blog.lufamily.ca\/kang\/2025\/11\/05\/setting-up-a-pseudo-vpn-using-sshuttle\/","title":{"rendered":"Setting Up a Pseudo VPN Using sshuttle"},"content":{"rendered":"\n

I recently was in a situation where I am remote and all of my standard VPN clients stopped working. All I had was a private opened ssh<\/code> port to my remote server. Luckily I had the foresight to setup this private port before I left home!<\/p>\n\n\n\n

I was able to get certain SOCKS to work using the ssh -D<\/code> option, like:<\/p>\n\n\n\n

ssh -v -p PRIVATE_PORT -C -D 1080 USER@REMOTE_HOST.DOMAIN<\/code><\/pre>\n\n\n\n
With this I was able to browse the basics after making the required SOCKS configuration with my WiFi network settings. However, accessing hosts on my private network is still an issue. I can also get macOS Screen Sharing<\/span><\/strong> to a specific remote host (e.g. HOST2<\/code>) to work by establishing a port tunnel using:<\/p>\n\n\n\n
ssh -v -p PRIVATE_PORT -C -L 5901:HOST2:5900 USER@REMOTE_HOST.DOMAIN<\/code><\/pre>\n\n\n\n
I then proceeded to create a Screen Sharing session using port 5901<\/span><\/strong> instead of the default 5900 on my localhost<\/code>.<\/p>\n\n\n\n
With the help of chat.deepseek.com<\/code>, I was able to discover a nice tool called sshuttle<\/a><\/code>. This seems like the perfect solution for me. Unfortunately I was not able to install sshuttle<\/code> because GitHub<\/code> was blocked where I am. I had to install the utility manually. First, I had to configure my local git environment to use the SOCKS server that I created earlier.<\/p>\n\n\n\n
git config --global https.proxy socks5:\/\/127.0.0.1:1080\ngit config --global http.proxy socks5:\/\/127.0.0.1:1080<\/code><\/pre>\n\n\n\n
I then proceeded to clone the repository and create a temporary Python environment for a temporary install.<\/p>\n\n\n\n
git clone https:\/\/github.com\/sshuttle\/sshuttle.git\ncd sshuttle\npython3 -m venv ~\/Applications\/sshuttle\nsource ~\/Applications\/sshuttle\/bin\/activate\npython -m pip install .\nsshuttle --version<\/code><\/pre>\n\n\n\n
Now that I have a sshuttle<\/code> installed in a temporary location, I can establish a pseudo VPN using ssh<\/code> tunneling with sshuttle<\/code>.<\/p>\n\n\n\n
sshuttle -v --dns -r USER@REMOTE_HOST.DOMAIN:PRIVATE_PORT 0.0.0.0\/0 --to-ns PRIVATE_DNS_HOST_IP<\/code><\/pre>\n\n\n\n
Now that everything is working. I then install sshuttle<\/code> properly with brew<\/code>.<\/p>\n\n\n\n
HOMEBREW_NO_AUTO_UPDATE=1 brew install sshuttle<\/code><\/pre>\n\n\n\n
Once this is done, I removed the temporary install at ~\/Applications\/sshuttle<\/code> and rerun the sshuttle<\/code> using the brew<\/code> version.<\/p>\n\n\n\n
Everything is now working the way that I want. Effectively, it is as good as a VPN with all traffic being routed through my private ssh<\/code> connection. Thanks to modern AI tools like DeepSeek I was able to figure this out.<\/p>\n","protected":false},"excerpt":{"rendered":"
I recently was in a situation where I am remote and all of my standard VPN clients stopped working. All I had was a private opened ssh port to my remote server. Luckily I had the foresight to setup this private port before I left home! I was able to get certain SOCKS to work … Continue reading “Setting Up a Pseudo VPN Using sshuttle”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[111],"tags":[67,194,28,95],"class_list":["post-3242","post","type-post","status-publish","format-standard","hentry","category-tech","tag-networking","tag-ssh","tag-technology","tag-vpn"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p7V6i8-Qi","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.lufamily.ca\/kang\/wp-json\/wp\/v2\/posts\/3242","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.lufamily.ca\/kang\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.lufamily.ca\/kang\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.lufamily.ca\/kang\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.lufamily.ca\/kang\/wp-json\/wp\/v2\/comments?post=3242"}],"version-history":[{"count":6,"href":"https:\/\/blog.lufamily.ca\/kang\/wp-json\/wp\/v2\/posts\/3242\/revisions"}],"predecessor-version":[{"id":3248,"href":"https:\/\/blog.lufamily.ca\/kang\/wp-json\/wp\/v2\/posts\/3242\/revisions\/3248"}],"wp:attachment":[{"href":"https:\/\/blog.lufamily.ca\/kang\/wp-json\/wp\/v2\/media?parent=3242"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.lufamily.ca\/kang\/wp-json\/wp\/v2\/categories?post=3242"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.lufamily.ca\/kang\/wp-json\/wp\/v2\/tags?post=3242"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}