Install Packages via SSH Tunnel – Step-by-Step Guide
When working with remote Linux systems behind strict firewalls or limited networks, you may need a secure way to perform software installations. In this tutorial, you’ll learn how to install packages via SSH tunnel, effectively routing your remote machine’s traffic through your own internet connection. We’ll use SSH Dynamic Port Forwarding to set up a SOCKS proxy that allows packages to be fetched as if the remote system were on your local network.
Pro Tip: If you’re new to SSH or want more advanced features, check out the OpenSSH documentation (outbound link).
1. Why Install Packages via SSH Tunnel?
Firewalls often restrict outbound connections on many ports besides SSH (port 22). By leveraging SSH tunneling, you only need one open port (22) to access the internet from the remote machine. This approach is especially useful in corporate or institutional environments where network policies are strict.
2. Enable SSH on Your Local Machine
To install packages via SSH tunnel, start by running an SSH server on the machine with unrestricted internet (your local system).
For Debian/Ubuntu:
sudo apt-get update
sudo apt-get install openssh-server
sudo systemctl enable ssh
sudo systemctl start sshEnsure your firewall/router allows inbound connections on port 22 (or any custom SSH port).
3. Create the SSH Tunnel from the Remote Machine
On the remote machine (the one with restricted internet), run:
ssh -N -D 1080 your_local_user@your_local_machine_ip- -N opens no shell (just the tunnel).
- -D 1080 creates a SOCKS proxy on port 1080 of the remote machine.
- Replace your_local_user@your_local_machine_ip with valid credentials and address.
To keep it in the background:
ssh -f -N -D 1080 your_local_user@your_local_machine_ipNow the remote system has a local SOCKS proxy at 127.0.0.1:1080 that routes traffic through your internet.
4. Configure Your Package Manager
4.1 Environment Variables (Apt or Yum)
Many tools recognize the http_proxy and https_proxy variables. On the remote machine, do:
export http_proxy="socks5://127.0.0.1:1080"
export https_proxy="socks5://127.0.0.1:1080"Then install packages via SSH tunnel with:
sudo apt-get update
sudo apt-get install <package>or
sudo yum install <package>4.2 APT Configuration (Debian/Ubuntu)
Alternatively, put these lines in /etc/apt/apt.conf.d/95proxy:
Acquire {
HTTP::proxy "socks5://127.0.0.1:1080";
HTTPS::proxy "socks5://127.0.0.1:1080";
}4.3 YUM Configuration (RHEL/CentOS)
On RHEL-based systems, edit /etc/yum.conf:
[main]
proxy=socks5h://127.0.0.1:1080Using socks5h:// ensures DNS lookups also go through the tunnel.
5. Adding Images
For clarity, include a simple network diagram:
“Diagram showing remote machine tunneling traffic through SSH to local machine”
This visual helps readers see how the remote machine connects to your local system’s internet.
6. Keep the SSH Tunnel Alive
The tunnel persists as long as the SSH session is active. In foreground mode, press Ctrl + C to end it. In background mode (-f), kill the SSH process to close the tunnel.
Conclusion
That’s all you need to install packages via SSH tunnel! By setting up a SOCKS proxy with SSH Dynamic Port Forwarding, you let any restricted remote server fetch software through your personal network, avoiding firewall limitations on most ports. For deeper insights into SSH configurations and best practices, check the OpenSSH documentation.
Keep your Focus Keyphrase—install packages via SSH tunnel—in mind when sharing this guide. With the right setup, you’ll enjoy smoother package management across all your remote Linux machines!
Buena fricada!