lynx over ssh (was "ssh pointer needed")

Tim Chase blinux.list at thechases.com
Thu Feb 10 20:30:15 UTC 2005


> Does any documentation exist on how to make lynx the cat use 
> ssh rather than its normal internet access method?

Well, depending on what you're trying to do, there are two diff.
ways to go about it.  The first is if you just want to access
sites securely over HTTPS, you should just be able to use an
HTTPS protocol in your URL.  That assumes you're running a
version of Lynx with SSL built in.  This is the far easier way to
do secure communications on the web, and far more commonly done.

Alternatively, if you're trying to HTTP (not HTTPS) over a SSH
tunnel, you'd have to set up an SSH redirection server on each
end.  This would be a pretty rare need.  Rather than HTTP'ing
from machine X to machine Z, you'd HTTP from machine X to the
redirection port on machine X, which then connects to the un-SSH
port on machine Z, which in turn feeds it to port 80 (or the HTTP
target port) of machine Z.  This is a kinda bizarre thing to want
to do with HTTP, though I could come up with odd cases in which
one might actually want to.  More often, one wants to use a
protocol that doesn't have security standards...things like
running X, gopher, telnet, ftp, mysql, etc. over an unsecured
network.  If you want to learn the details of doing this, there
are some good tutorials out there on doing it with X (a
web-search on keywords such as "tunnel x over ssh" turns up
oodles of hits).  They should be pretty easily modifiable to
point to HTTP's port 80, rather than whatever port X uses.

The second way there also has the problem that any links in the
page could well point to the remote server, rather than something
like http://localhost:3141/path/to/page.html if they're absolute
rather than relative URLs.

Lastly, with the second method, you have other security aspects
to worry about...you've now got an open port on each machine
which can redirect traffic to the other, so you'd want to
firewall those ports, only allowing traffic from known machine IP
addresses if possible.

I suspect you're talking about the former method (just accessing
HTTPS sites) in which case, Lynx can be (and usually is) built
with SSL built in.  So you can just try an HTTPS address and it
should work.  You can check by running

	lynx --version

and the results should have "SSL-MM" and "OpenSSL" in the
resulting text.

Hope this helps,

-tim









More information about the Blinux-list mailing list