Thursday, August 2, 2007

Tunelling P2P (Bitorrent) Over SSH

Have you ever been on a network somewhere where Bittorrent simply doesn’t work? The ports might be blocked, the packets are inspected, etc…? Well, after a little research and a buck i’ve managed to come up with a pretty good solution. I’d heard about tunneling content through SSH, but never really figured out how to get it working. That is, until now.

I was really excited my first day at Blue Lava when I heard that they had a 20mbps connection. I was told I could download full Linux ISO’s in ten minutes. Pretty quick. Sadly the ports for Bittorrent were blocked and my downloading spree never began.

Right now I am sitting in a Starbucks right near the south shore of Oahu, Hawaii. I’ve got Azureus open and its downloading at a steady pace of 170kbps, I’ve pretty much maxxed out the connection over here. The funny (or cool) thing is, the ports are blocked! So how can you bypass your corporate firewall or public hotspot (like Starbucks T-Mobile WiFi) and work out your download muscle? Read on!

First of all, you are going to need some sort of shell account to tunnel everything through. I’ve already tried using my Silenceisdefeat account, but their SSH server is not configured the way that we want it, so that won’t work. A friend of mine told me about Disflux, a service almost exactly like Silenceisdefeat. Disflux has their SSH servers configured the way we want em though, so that is what we are going to use.

UPDATE: Turns out that Disflux died or something. But! Don’t flip out! As it turns out (Thanks Chris! - #19) Silenceisdefeat.org, which is my choice of shell anyway, does work with this guide. However, it will only work if you connect to ssh.silenceisdefeat.org!

So I shelled out the $1 for my disflux Silenceisdefeat.org shell account (I actually already had one, best thing ever), and went on my merry way figuring out how to configure everything else. Some may think that paying for something like this is nuts, but honestly, Bittorrent has become a part of my everyday life, I depend on it like a crack addict depends on his crack. One buck is totally worth the hours of glee BitTorrent has to offer.

First thing you need to do after buying your shell account is open up a terminal (in OSX its in the Utilities folder), or download putty if you’re on Windows. If you are on Linux and don’t know how to open a terminal I feel sorry for you.

In the terminal type “ssh username@domain -D portnumber”, this goes for OSX and Linux. Now, with PuTTY on Windows I am not quite sure how to go about doing this. I am pretty sure you would just type “-D portnumber” into a extra flags option box or something, but I am really not quite sure. Edit: Scroll down for Eberth’s Windows guide! Or you lazy people can clicky.

For example, I use: “ssh whalesalad@ssh.silenceisdefeat.org -D 7777″. You can use any port you want, but make sure it isn’t being used by anything else. I happen to like the number 7777 so thats what I chose.

Screenshot_3.png

NOTE: In the screenshots Disflux is used, simply replace shelly.disflux.com with ssh.silenceisdefeat.org after creating an account and you will have no problems!

Now, what does this do? This has your open SSH session act as a SOCKS proxy. This is what we are going to have Azureus or any other bittorrent client of choice use.

-----------------------------------------------------------------------------------------------------------------------
In detail the -D [bind_address:]port option does the following:

Specifies a local “dynamic” application-level port forwarding.
This works by allocating a socket to listen to port on the local
side, optionally bound to the specified bind_address. Whenever a
connection is made to this port, the connection is forwarded over
the secure channel, and the application protocol is then used to
determine where to connect to from the remote machine. Currently
the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
as a SOCKS server. Only root can forward privileged ports.
Dynamic port forwardings can also be specified in the configura‐
tion file.

----------------------------------------------------------------------------------------------------------------------------


Once that terminal is open, just minimize or hide it, but leave it open. The proxy will only work if that terminal is open and connected, so try not to fiddle with it.

Now we have to configure our BitTorrent client of choice. I recently “switched” to OSX and am using Azureus, but if I had my way I would be using the greatest client ever: uTorrent. Because I can’t get the internet working in Paralells at the moment I can’t help explain how to configure uTorrent, but here is what you need to do to get Azureus up and running with our newly created SOCKS proxy.

First of all you need to enable the Advanced options area of Azureus. You can do this by re-running (or running if this is your first time using Azureus) the configuration wizard. On OSX this is under the Azureus menu, I’m not quite sure where it is on Windows (=P). Choose the advanced user option, this will let us configure Azureus to use proxies. Once this is done, open up the preferences area of Azureus.

Screenshot_4.png

From there open up the “Connection” sub items and then the “Proxy Options”. From there, check the “Enable proxying of tracker communications” and “I have a SOCKS proxy”. In the host field enter “localhost” and in the port field enter whatever number you used to start the proxy, for me thats “7777″.

Save your options and thats it! Now you should be able to head to any one of the online tracker websites and download away! Legal files of course, we don’t encourage piracy or stealing here at the salad. Make sure to leave comments if it works for you, and any other tips or tidbits you’d like to share!


Edit: For all you windows users out there, Eberth made a comment below on how to get this working. He did such a good job, I’m going to include it right here in my guide.

First you need to get PuTTY. It’s a great client, back when I used Windows it was my SSH client of choice. You can find a direct link to PuTTy here.

Open up PuTTY and enter shelly.disflux.com into the host field.

Go to Connection > SSH > Tunnels, and write your port on the source port field (in this case i’m using the same as Michael, 7777) and select the “Dynamic” checkbox, click the add button.

I’d reccomend what Eberth explains in his comment, which would be to save your session so that next time you can just fire up PuTTY and double click your saved session to reload the same settings. Enter a name for the saved session and click save, its as easy as pie!

Now you’ve got your SOCKS proxy running, time to fire up your favorite BitTorrent client. Azureus users can use the same configuration that I have above, but if you’re smart you’re going to be using uTorrent. Here is a screenshot of the way Eberth configured his client:

Thanks Eberth!


Based on: http://www.whalesalad.com/2006/08/27/tunneling-bittorrent-over-ssh/