How to dynamically port forward for ISPConfig update?

Hi everyone
I hope you are all keeping well.
You may know that we have been facing Internet censorship in Iran due to women's freedom for around two months and because of that all applications such as Facebook, Telegram, WhatsApp, and millions of App bands in Iran. Even we can't update servers, mobiles, or windows operating systems.

According to the above-mentioned issue, I can not update my server and also I can't install ISPConfig on my brand-new server.

For solving my problem, in a very hard situation, I bought a VPS from Germany ( that's because Iran network fibers come from Germany and due to that ping time goes below 200 ms ).

Now I want to make SSH from the Iran server to the German server to solve and bypass censorship.

Example,
Iran IP: 1.1.1.1
German IP: 9.9.9.9

Code:

nohup ssh -4 -D 1.1.1.1:8080 [email protected] &

This command in many shapes gives me an error. I would appreciate it if you could help me to grant my network freedom.

 

What is that error?
Are you creating an SSH tunnel with that command?
If you just want to open SSH session from your host to the VPS host, the command is

Code:

ssh [email protected]

or if root login from remote is not allowed (this is the usual case, not allowed using password unless you open it previously), use some other account that you have created on the vps host.

 

Hi till

well, actually nothing working in here. ISPConfig has lots of dependencies that must be installed. Our challenge is not ISPConfig itself now.

 

If you are using Debian GNU/Linux on that host, there is https://packages.debian.org/bullseye/apt-offline
Debian is available as a set of DVD disks, that contain all the packages. Use that to install, then apt-offline to keep system updated.

 

Taleman,
Thanks for your reply

I really don't know how to make a proxy, I need step by step solution.

What I post over there is an example of people's usage that I heard.

 

Do you have any step-by-step solution for that?

I installed the "U-XI" server, a Chinese proxy solution that helped me bypass through mobile and window using the Vmess protocol but I couldn't connect it via Debian to Debian.

 

till even I need the proxy to connect to the Howto website

very ridiculous situation

 

I know, normal countries think of wealth and well being of people not blocking countries from others.

those who were in our business recommended I use SSH port forwarding, as they did but I can get the most help out of that.

 

can you not use vpn software like cyberghost or nordvpn?

i don't see port forwarding ssh being very helpful to you, unless it's for something you normally access via ssh anyway.

if you can get a vps in germany and access that, if you can't use vpn software, i would suggest just getting a linux vps in germany, install ubuntu-desktop (if using ubuntu, not sure what the debian equivalent is) and then install vnc-server on it. ( or xrdp)
install a vnc client on your local computer, and use that to connect to the vnc-server. you know have full gui access to the vps in germany. use that as normal to browse sites / download software etc. and then you can locally download any files you downloaded to the server using ssh.
for server updates and package installs, you can also use this german vps as an apt-proxy as suggested by @till

 

Thanks for your reply

Iran's filtering system is based on AI/ML. Every month find IPs connecting to abord and filter them. I must buy very cheap VPSs to set up and put in running.

I found some businesses in our same field in other cities that use SSH dynamic port forwarding. I asked them for help they mentioned network technicals did for them when I ask them for the contact number of that person they are denying me.

very awkward situation

 

If SSH port forwarding and APT proxy is not doable, what about my suggestions in #5?

 

Taleman,

I am not a professional in Linux systems, all ideas I had learned about Debian are back to ISPConfig. It was my starting point to come into Linux base systems. Thanks to "till" and others. I mean it, really.

As you know debugging is a very frustrating and hard issue. After installation, software needs update, including antivirus Calm, and many others.
I can't handle pice by pice. I need to solve this in any way.

I know some private companies in Iran that solved by socks proxy of SSH dynamic port forwarding but I don't know how! they just gave me the structure of command without much explanation.

Code:

nohup  ssh -N -D [Iran IP]:8080 -i /root/.ssh root@[German IP] &

 

If you need this to update the system, you could simple setup a wireguard gateway on the german VPS and add your server as a client. When the server is connected all traffic is routed through this wireguard gateway. While connected with WG you can update the system and close the wireguard connection after it.

If you want to use ssh take a look at:
https://github.com/sshuttle/sshuttle

 

Thanks, pyte
Nice resources

I read both but I need to work on how to implement them in my servers.
Sadly, I must read a lot and playground with this to install and run it. Thank you anyway. I never heard about both of them. It is worth trying it.

 

I still say my solution in #5 is simpler that apt proxy or ssh tunnels or port forwarding. Even if other server admins in your country use VPN you do not have to use the same solution, especially if the admins are not willing to tell you how it is done.

 

To be honest i am a bit confused, and not really sure what OP is trying to achieve here exactly, but there are lots of options in this topic.

 

I undestand there are two problems where the first is the cause but more general and the second one is a specific problem related to keeping his server updated or allowing him to setup new ones.

I do further see all solutions given as useful but what he needs in other specific is step by step for the suggested solutions where he could simply follow.