Secure, portable tunneling/proxy server
patrickmn/senka
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
master
Could not load branches
Nothing to show
Could not load tags
Nothing to show
{{ refName }}
default
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code
-
Clone
Use Git or checkout with SVN using the web URL.
Work fast with our official CLI. Learn more about the CLI.
- Open with GitHub Desktop
- Download ZIP
Sign In Required
Please sign in to use Codespaces.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching Xcode
If nothing happens, download Xcode and try again.
Launching Visual Studio Code
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
Senka is an SSH server which only permits traffic forwarding, and only for a list of
predefined users (identified by RSA keys), which means it's essentially a secure,
portable tunneler/proxy server. It's ideal for bypassing outgoing firewall restrictions,
or encrypting your traffic on insecure/monitored networks.
Senka can be used on any server that has Python, regardless of whether the user
has administrator privileges or access to e.g. the local OpenSSH server, and can be
connected to by any client which has either ssh or PuTTY.
Setup:
- One-time client setup:
- Linux/*BSD/OS X:
1. Run the command: ssh-keygen -f senka.key
2. (Optional) Enter a passphrase for your client key (recommended)
3. Copy the contents of the file senka.key.pub (you will need this for the server)
- Windows:
1. Download PuTTY: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
(Download the 'everything' package, or PuTTY and PuTTYgen.)
2. Run PuTTYgen
3. Click "Generate" (move the mouse if instructed)
4. (Optional) Enter a passphrase (recommended)
5. Click "Save private key", and save the .ppk file (e.g. senka.ppk) somewhere safe
6. Save the contents of the "Public key for pasting into OpenSSH..." field
(you will need this for the server)
7. Close PuTTYgen
8. Open PuTTY
9. Enter/do the following:
* Host name: <username>@<your server's hostname/IP> (e.g. patrick@myserver.com)
* Port: The port which Senka will listen on (default 2222)
* Under Connection -> SSH -> Auth:
Private key file for authentication: Select the .ppk file you saved
* Under Connection -> SSH -> Tunnels:
Source port: Some local, unused port (e.g. 31337)
Type: Dynamic
click "Add"
* Go back to "Session" (top menu item)
* Under "Saved Sessions", enter some name (e.g. Senka), and click "Save"
- One-time server setup:
Prerequisite: You need Python, Twisted, and pyOpenSSL. Usually it's enough to do:
- Ubuntu/Debian: sudo apt-get install python-twisted python-openssl
- Fedora/SUSE: sudo yum install python-twisted python-openssl
1. Run twistd -noy senka.tac. This will generate a file, authorized_keys, which stores
the list of users (and their keys) who are allowed to connect to the server
2. Edit authorized_keys
3. Add a line containing your username and public key string, e.g.:
patrick ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEA1e...
4. Save the file
Usage:
- Server:
1. Run twistd -noy senka.tac (or twistd -oy senka.tac for daemon mode). It should now listen on port 2222.
(You can define a list of ports at the bottom of senka.tac if you want!)
- Linux/*BSD/OS X client:
1. Run the command: ssh -i senka.key -D 127.0.0.1:31337 <username>@<server.com> -p 2222 -N
(This starts a local proxy server (on port 31337) which tunnels data through Senka.)
2. Keep the ssh session open. (You will not see any output.)
3. In any application that supports connecting through a SOCKS proxy (or system-wide
via e.g. GNOME -> System Settings -> Proxy), set the following:
* Proxy type: SOCKS5 (or just SOCKS)
* Host: 127.0.0.1
* Port: 31337
(No username/password)
- Windows client:
1. Open PuTTY
2. Double-click your previously saved session, e.g. "Senka"
(This starts a local proxy server (on port 31337) which tunnels data through Senka.)
3. Enter the password for your private key, if prompted
4. Keep the PuTTY window/session open. (You will not see any output.)
5. In any application that supports connecting through a SOCKS proxy, set the following:
* Proxy type: SOCKS5 (or just SOCKS)
* Host: 127.0.0.1
* Port: 31337
(No username/password)
To use the proxy system-wide, go to Control Panel -> Internet Options -> Connections ->
LAN settings, select "Use a proxy server for your LAN", then click "Advanced", and under
"Socks:" enter: Proxy address to use: 127.0.0.1, Port: 31337. Click OK in all windows.
Congratulations! Any connection made through the local SOCKS proxy is now sent, encrypted, through
the Senka server, creating a tunnel which swiftly defeats any pesky, restrictive firewalls and
local network monitoring.
Happy browsing!
Tips:
- Windows:
If you connect to several different Senka servers, you might want to use the same key file,
and also only have to unlock it once. Use Pageant (from the PuTTY package) to keep your
key in memory. It will automatically be used for any new PuTTY/Senka connections.
About
Secure, portable tunneling/proxy server
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published