Let’s imagine that we have 2 hosts.

• Host A with user1 is your local host from which you will connect to remote.
• Host B with user2 is remote host where you want to log in as user2.

Run

ssh-keygen

as user1 on Host A to generate keys unless old one is exist. When I will be prompted to enter passphrase just keep it blank. This command generate RSA key with long in 2048 bit:

ssh-keygen -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user1/.ssh/id_rsa):
/home/user1/.ssh/id_rsa already exists.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user1/.ssh/id_rsa.
Your public key has been saved in /home/user1/.ssh/id_rsa.pub.
The key fingerprint is:
9e:f0:44:4a:e2:81:72:02:0b:3c:b5:3d:be:a7:c2:95 user1@host_a
The key's randomart image is:
+--[ RSA 2048]----+
...
+-----------------+

After it’s done check content of your id_rsa.pub file:

host_a:~# cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzU6SlO7EZksPGmLTz3EcMpFQXME9otJ4vWqQ1Nnzd0g0FX5MS
/H1m2xJWCLfgsWTWyOP7hHQufPrzY5kqJkeF0tgOSPHnzDQt4YBE1Xi0ihR/cDK+KHOlIFG4kHlEs/ThTDpD0mwgBC755Tu5g2GOW3ogsrViZbyfa72HJQaEbISZwfiPnJUwmtGJ/+PQiEoN8cgK1zrk8oVnlguK0V52ZygFuvNKd6jmKIiDKOcQ2ZIobu6jYVd/Nit1gg+9llbuAdXDFn24AdNHatBzvlwb76yYa/ZAwZQKzytWca0NnMMwMeQ== user1@host_a

Copy it and log in remote Host B as user2. And append it to authorized_keys file:

$ cat >> /home/grytsenko/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzU6SlO7EZksPGmLTz3EcMpFQXME9otJ4vWqQ1Nnzd0g0FX5MS
/H1m2xJWCLfgsWTWyOP7hHQufPrzY5kqJkeF0tgOSPHnzDQt4YBE1Xi0ihR/cDK+KHOlIFG4kHlEs/ThTDpD0mwgBC755Tu5g2GOW3ogsrViZbyfa72HJQaEbISZwfiPnJUwmtGJ/+PQiEoN8cgK1zrk8oVnlguK0V52ZygFuvNKd6jmKIiDKOcQ2ZIobu6jYVd/Nit1gg+9llbuAdXDFn24AdNHatBzvlwb76yYa/ZAwZQKzytWca0NnMMwMeQ== user1@host_a

Set proper permissions for file:

user2@host_b:~$ chmod 600 ~/.ssh/authorized_keys

Now you are ready to log in without password from Host A:

host_a~# ssh -p 443 user2@host_b
Linux host_b 2.6.18-5-686 #1 SMP Fri Jun 1 00:47:00 UTC 2007 i686

That’s all folks:).

For this you need:
1. At least one open port for output connection OR access to proxy.
2. Server in the internet with root OR user rights.

You can easily get it in several simple steps. Just imagine that you located at office1 and open port for ongoing connection = 443. Also you have access to server1 which located at internet. Now go to server1 and edit ssh configuration file. Add new port directive into this file(in case if you have open port, in other case skip this step). Like this:

server1# grep -i port /etc/ssh/sshd_config
Port 22
Port 443

As you can see now server1 use 2 ports(22 and 443) for ssh daemon. Let’s check it:

server1# netstat -lnp | grep ssh
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3946/sshd
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      3946/sshd

It’s ok. The next step #2 install proxy server. You can choose anyone you like. I chose tinyproxy, because of it’s very small and simple in configuration.

server1# apt-get install tinyproxy 

It’s valid command for debian. For your distro use distro specific package manager as well.

Go to /etc/tinyproxy/tinyproxy.conf and check port and listen directives for determinate on which port and address your proxy listen. In my case it’s port 8888 on localhost:

server1#grep -E "^(Port|Listen)"  /etc/tinyproxy/tinyproxy.conf
Port 8888
Listen 127.0.0.1

Start daemon and check that it run:

server1# /etc/init.d/tinyproxy start
server1# netstat -lnp | grep tinyproxy
tcp        0      127.0.0.1:8888              0.0.0.0:*               LISTEN      3923/tinyproxy

Looks fine. Now make ssh tunnel to your server. If you have direct connection to server. Use this :

server1#ssh -p 443 user@server#1 -L8888:127.0.0.01:8888 

If not then do as described here.

And last one step is setting up proxy 127.0.0.1:8888 on your browser and enjoy.