norainfallduckdog
New Member
Results from searching on the internet, would the following be the way to implement this request?
To direct Unbound DNS-over-HTTPS (DoH) traffic through an SSH tunneling port, configure your system to use a SOCKS proxy on the SSH tunnel's local port, then set Unbound to use that SOCKS proxy for outbound DoH connections by specifying it in the "proxy-out" option within your Unbound configuration file; essentially, all DoH requests will be routed through the SSH tunnel.
Key steps:
Establish SSH Tunnel with SOCKS Proxy:
• Open an SSH connection to your remote server using the -D flag to enable dynamic port forwarding.
• Example command: ssh -D 1080 user@server
• This creates a SOCKS proxy accessible on port 1080 on your local machine.
Configure Unbound:
• Edit your Unbound configuration file (usually located at /etc/unbound/unbound.conf)
• Add the following line under the "interface:" section to specify the SOCKS proxy => proxy-out: 127.0.0.1:1080;socks
• Important: Ensure your firewall rules allow outbound traffic on port 1080.
Restart Unbound:
• Restart the Unbound service to apply the changes.
The following steps were applied without changing or adding attributes to unbound.conf:
DNS-over-HTTPS was verified to have worked on Linux Mint 22 according to this: https://unbound.docs.nlnetlabs.nl/en/latest/topics/privacy/dns-over-https.html#using-doh
Librewolf Settings:
- General -> Network Settings -> Settings
- Connection Settings
Manual proxy configuration selected
SOCKS Host = 127.0.0.1 and Port = 443
No proxy for = localhost, 127.0.0.1
Proxy DNS when using SOCKS v5 check marked
- Enable DNS over HTTPS using
Increased Protection
Custom = https://doh/applied-privacy.net/query
From Linux Mint 22:
ssh -4 -TND 443 [email protected] <---------- nnn.nnn.nnn.nnn VM IP address
The following errors appeared:
bind [127.0.0.1]:443: Permission denied
channel_setup_fwd_listener_tcpip: cannot listen to port: 443
Could not request local forwarding.
The search for "proxy-out:" attribute came back without results from this link: https://unbound.docs.nlnetlabs.nl/en/latest/manpages/unbound.conf.html
My questions would be:
- Are there attributes to use to forward Unbound DoH traffic (port 443) to the SSH tunneling (VM) using some other port instead of port 443? Is it better to use a separate port for SSH tunneling?
- Are the settings for Librewolf required as such?
- Are there instructions on how to achieve this request?
My objective is to use Unbound DoH with SSH tunneling to hide my ISP IP address. Would this be possible with Unbound?
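
The "bind [127.0.0.1]:443: Permission denied" error quoted above is what Linux returns when a non-root user asks ssh to listen on a port below the unprivileged-port threshold (1024 by default). The script below is an added example, not part of the original post: it checks a candidate local port before building the `ssh -D` command. The function names, port 1080 and user@vm.example are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, Linux-specific. Function names and sample values are hypothetical.

# Lowest port an unprivileged process may bind (1024 unless the sysctl was changed).
unpriv_port_start() {
    f=/proc/sys/net/ipv4/ip_unprivileged_port_start
    if [ -r "$f" ]; then cat "$f"; else echo 1024; fi
}

# can_bind PORT [UID] [THRESHOLD]
# Returns 0 if UID may listen on PORT, 1 if the port is privileged for that UID,
# 2 if PORT is not a valid TCP port number.
can_bind() {
    port=$1; uid=${2:-$(id -u)}; start=${3:-$(unpriv_port_start)}
    case $port in ''|*[!0-9]*) return 2 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 2
    [ "$uid" -eq 0 ] || [ "$port" -ge "$start" ]
}

# socks_tunnel_cmd PORT DEST
# Prints the ssh command for a SOCKS listener bound to loopback only.
# ExitOnForwardFailure makes ssh exit instead of staying connected
# without the forward when the listener cannot be set up.
socks_tunnel_cmd() {
    can_bind "$1" || {
        echo "port $1 cannot be bound by uid $(id -u); pick one >= $(unpriv_port_start)" >&2
        return 1
    }
    printf 'ssh -4 -N -T -D 127.0.0.1:%s -o ExitOnForwardFailure=yes %s\n' "$1" "$2"
}

# Typical use (constructed values):
#   socks_tunnel_cmd 1080 user@vm.example
# Run the printed command, then set the browser's SOCKS v5 host to 127.0.0.1
# and its port to the same number given to -D.
```

The SOCKS port configured in the browser has to match the port passed to `-D`; only applications pointed at that listener send traffic through the tunnel.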