SSH is an encrypted remote login tool for Linux platform, which can be used not only to securely login to Linux servers, but also to create SOCKS5 persistent connections that can be used by other applications as proxies. The principle of SSH over the wall is based on this ability of SSH to create persistent encrypted connections.
This method is suitable for computer technicians who know the command line. For non-technical people, please see: China VPN Recommendations, which introduces easier-to-use wall-flipping software.
Writing this article was guided by a friend who is a techie, and I would like to thank the enthusiastic TGH students.
Steps for SSH over the wall
1. Acquisition of foreign remote servers
Asked friends who have used SSH to flip the wall, generally an ordinary cheap VPS is enough, the performance is not much to ask, it is best to Hong Kong, Japan, Taiwan, South Korea, Singapore, the U.S. and West of these places, because the latency to mainland China is more stable.
Don’t use domestic cloud hosting providers (e.g. AliCloud, TencentCloud, HuaweiCloud …) , because being detected frequently using the host to go over the wall may lead to the server being shut down directly.
Buy foreign VPS, Vultr, Linode, DigitalOcean should be able to, under 5 knife is enough, foreign hosting bandwidth and monthly traffic is very enough, the vast majority of the time do not have to worry about bandwidth resources are not enough.
Some vendors support common domestic payment channels such as Alipay/WeChat, and some do not, but generally domestic dual-currency credit cards can be purchased normally.
After buying a good host, you need to Ping the host IP from your Linux computer without linking to any wall-flipping software to make sure that you can Ping through, otherwise you should change the IP immediately, or delete the host to build a new one until you get the IP address that can be Pinged directly from the domestic network.
2. Create port forwarding to remote servers
The command line probably looks like this:
ssh -D 12345 [email protected]
用你自己的远程服务器的IP地址替换掉1.2.3.4,
用你自己想用的本地端口号替换掉12345,
注意,端口号要用大于1024,小于65536的数字
If no error is prompted, your Linux command line should have logged into the remote server, created successfully, the next step is to set up the proxy for the application that needs to go over the wall, refer to the setting method of mainstream browsers:
- How to set up a proxy for Chrome
- Firefox Firefox how to set change proxy
- How to set proxy in Edge browser
You should be able to access the walled site normally after setting it up, so type youtube.com into your browser’s address bar right now to get the hang of it.
In fact, SSH over the wall is not only useful for browsers, it’s actually useful for any application that can set up a proxy, such as mail sending and receiving clients, download software, chatting software, and even the Linux command line and the entire operating system itself, if you are interested, you can Google it yourself.
Advantages and disadvantages of SSH over the wall
The biggest advantage is that SSH comes with the Linux/Mac system (I hear it works on Windows too?). tool, there’s no need to install anything extra, and it’s an extremely common tool used in everyday work, and firewalls are unlikely to block it completely, so there’s some availability at the moment.
The downside is that the quality of the connection depends entirely on the quality of the remote server’s IP, and getting a clean IP is often a matter of luck. If you encounter a poor quality IP, even if you can connect to it, the connection will be dropped frequently, and the connection rate is low after the drop, which is a waste of time, and this problem will be more obvious when you open it to download a large amount of data, and it will make the download very painful.SSH over the wall is basically impossible to be used to download BT, and it will be disconnected very soon, and if you are blocked by the IP of the computer of the VPS manufacturer, you have to wait for a long time before you can connect to it again. This method is only suitable for opening webpage and sending/receiving emails with little traffic.
It’s very unfriendly to computer geeks, the command line is only for computer techs, and I haven’t found a SSH wall flipping client that looks easy enough. Unless you know a little bit about technology, I strongly don’t recommend using SSH to flip the wall.
Reference: Linux wall flipping guide.