AWS Workspace Reverse Tunnel Proxy

README.md

AWS Workspace Reverse Tunnel Proxy

This setup allows you to open a reverse SSH tunnel to an external machine and then be able to use the AWS Workspace machine as a jump host for any network access by starting a SOCKS5 proxy.

Setup

1. Make sure you have Cygwin installed on the AWS Workspace machine.
2. Download microsocks.exe as raw file to the AWS Workspace machine.
3. Copy the tunnel.sh script - put it in the same folder as microsocks.exe on the AWS Workspace machine (best copy both to your Cygwin home directory).
4. Create an account with ngrok and add a payment method (no subscription required!).

Usage

1. Start ngrok on your local machine to allow access to sshd:

   ngrok tcp --region us 22
   

2. Take note of the ngrok host and port.
3. Start tunnel.sh on the AWS Workspace machine, for example:

   ./tunnel.sh 5.tcp.ngrok.io 17654
   

4. You can then make use of the SOCKS proxy on your local machine on port 9041.

Git Usage

In order to use the proxy with git, you can set it up as follows for a repository:

git config http.proxy=socks5h://localhost:9041

For initial clone use -c:

git -c http.proxy=socks5h://localhost:9041 clone https://some.internal.domain/repo.git

tunnel.sh

#!/usr/bin/env bash

HOST=$1
PORT=$2

if [[ $HOST == "" ]]; then
	echo "!! Host is required"
	exit 1
fi
if [[ $PORT == "" ]]; then
	echo "!! Port is required"
	exit 1
fi

trap ctrl_c INT
RUNNING=true

echo "Starting microsocks..."
./microsocks.exe -i 127.0.0.1 &
SOCKS_PID=$!

function ctrl_c() {
	echo "** Trapped CTRL-C"
	RUNNING=false
	kill $SOCKS_PID
}


while $RUNNING
do
	echo "... establishing tunnel ..."
	ssh -N -R 9041:localhost:1080 michael.rose@$HOST -p $PORT
done