Best persistent SSH tunnel global proxy method? - Android Q&A, Help & Troubleshooting

I read some articles recommending the SSHtunnel app, but although it appears to create the connection between my rooted Android 7.1.2 phone and my remote server, with the global option selected, it is not changing my IP.
I have read other guides recommending ProxyDroid with Connectbot, and I have used the latter before but more recently I am using JuiceSSH. Juice does have a tunnel option, so I should be able to use that with with ProxyDroid, although tunnels with Juice are a paid feature, as is the Tasker plugin for Juice - I am happy to pay, if I learn this is the best method.
Basically I would like the SSH tunnel to open using an RSA key automatically, whenever my phone has a Wi-Fi or mobile data connection and after reboot automatically, and I want to global proxy all traffic down the SOCKS 5 - what is the best way to do this please?

Related

[DEV] Other ways to enable the hotspot? or tethering w/out market apps? (w/out root)

i know modifying the services.jar is done when rooted but i have been messing with QPST pretty much all day and have found quite a few little tweaks that can be made. anyway, i noticed under multiple tabs there are options for tethering. when i get back, im going to back up all my settings and then change some things to see what i can come up with.
can anyone with and intimate knowledge of QPST and our phones chime in here? is there anyway at least the wired tethering can be modified w/ QPST to be unlocked? just a thought because the market apps have to do something not root related.
I don't know about actual tethering (which gives your PC an IP address), but I've seen a lot of posts on XDA and other forums on how to browse the web using a proxy setup. I've been doing this for the last few days that I've owned the phone.
In essence, it involves:
1. Running a proxy server app on your phone. I use JADS internet sharer, in SOCKS mode. Proxoid is another HTTP proxy server
2. Connecting phone to the computer using USB
3. Putting the phone in HTC Sync mode (I couldn't get adb to work in charge only mode)
4. Doing adb port forwarding on your computer: adb forward tcp:12345 tcp:1080
5. Configuring firefox to use the SOCKS v5 proxy localhost:12345 (or HTTP/HTTPS proxy if you run proxoid)
6. Configuring the network.proxy.socks_remote_dns custom property value to "true" in firefox's advanced configuration (type about:config in the address bar, and type "dns" in the filter textbox)
After this, I can browse the internet all I want. And that's really all I need at this time. I'd like to have the computer route all internet through this proxy server, but I'm going to look into it later.
I suspect the market apps are doing something VERY similar. They all have a client component you have to install on your PC, maybe the client is a "dummy" network interface that routes all traffic through a similar port forwarding setup.
ProcessorHog said:
I don't know about actual tethering (which gives your PC an IP address), but I've seen a lot of posts on XDA and other forums on how to browse the web using a proxy setup. I've been doing this for the last few days that I've owned the phone.
In essence, it involves:
1. Running a proxy server app on your phone. I use JADS internet sharer, in SOCKS mode. Proxoid is another HTTP proxy server
2. Connecting phone to the computer using USB
3. Putting the phone in HTC Sync mode (I couldn't get adb to work in charge only mode)
4. Doing adb port forwarding on your computer: adb forward tcp:12345 tcp:1080
5. Configuring firefox to use the SOCKS v5 proxy localhost:12345 (or HTTP/HTTPS proxy if you run proxoid)
6. Configuring the network.proxy.socks_remote_dns custom property value to "true" in firefox's advanced configuration (type about:config in the address bar, and type "dns" in the filter textbox)
After this, I can browse the internet all I want. And that's really all I need at this time. I'd like to have the computer route all internet through this proxy server, but I'm going to look into it later.
I suspect the market apps are doing something VERY similar. They all have a client component you have to install on your PC, maybe the client is a "dummy" network interface that routes all traffic through a similar port forwarding setup.
Click to expand...
Click to collapse
does easytether have a pc client? never tried it so i really dont know but i think your right because in the free version of easytether its web ports only and the paid version, all ports are working (gaming, messaging, etc....).
I've tried the Easytether paid version and it works great.
ydoucare said:
I've tried the Easytether paid version and it works great.
Click to expand...
Click to collapse
i've used this before.. good stuff
ydoucare said:
I've tried the Easytether paid version and it works great.
Click to expand...
Click to collapse
never said it didnt work. that's not the point of this thread.
ydoucare said:
I've tried the Easytether paid version and it works great.
Click to expand...
Click to collapse
Over wifi? Also, will this work for computers that can only join a secure network? (not adhoc) [if wifi is avail]
I only need to tether when on a job and there network is down or something and I may need to get on my laptop for a brief amount of time would this easytether work for me.
this should be in Q&A or general. you are not developing anything with your op so it does not belong here please pm a mod to move
Or merge with thread WIP DEV hotspot unlock?
BANG! from my shooter...

[Q] Block Wifi if VPN is down?

I want to ensure nothing on my phone as access to wifi if my vpn is not connected. Anybody know how I could achieve this?
Any ideas greatly appreciated.
You might want to give Tasker a try. Llama (it's free / haven't used it though), or another Task automation tool might work too. It depends on how the app works, but you may have to do one or two things manually. For instance
Example Pseudo-code:
Code:
IF VPN app OPENED (
TURN OFF WIFI
SET VARIABLE vpnfrontend=1)
IF VPN app LOSES FOCUS (closed) (
ASK "Is VPN Enabled?"
IF YES (
ENABLE WIFI
SET VARIABLE vpnfrontend=0 )
IF NO (
SET VARIABLE vpnfrontend=0 ) )
That's the best I can think of off the top of my head.
Hope this helps!
Thanks for the reply closeone.
I purchased Tasker a couple of days ago. Hopefully I'll be able to do this - afraid there are going to be some manual steps though. I bought WifiJumper to auto connect to hotspots (known or unknown) so my wifi phone (Samsung Galaxy Player YP-G70) would be more like a cell phone. I thought if I could get OpenVPN working on my phone it automatically tries to reconnect but it is sometimes a slow process - thereby leaving my wifi connection open for a minute or so.
The ultimate goal here is: Android is a lot like CarrierIQ in that it tracks every IP you log in from. So I want to use a vpn so the IP I login from is the same one no matter where I'm at. I'm not a hacker, pedo, or even using P2P - I just want my privacy. Kind of a principal type of thing.
Your code is similar to what I was thinking of but.... I'm thinking I won't be able to check to see if VPN is enabled and then turn on wifi because the vpn requires wifi access to connect.
I'm still new to Android but so far the only tool I see to block wifi access is Airplane Mode and I think it blocks all apps (including the vpn). Maybe pdroid or Droidwall have some options for what I want to do????
Got to thinking if Droidwall had profiles I could build a profile that had wifi blocked for everything except Vpn. Then use Tasker to check to see if vpn was up. If not then set Droidwall to that profile. Problem is I don't think there is a way to run Tasker rule constantly. So there would be data leakage.
Sent from my YP-G70 using Tapatalk

Different options to avoid 3 Mobile UK tethering block.

Hi everyone,
I am trying to get my head around on what can be done to bypass the tethering filter on 3UK.
Below are different scenarios I have come up with and would like any volunteers who could try out any of the following for me. Of course I will be doing these myself as and when time permits but its always helpful to have others view on it too.
Please and I say please, do not turn this thread into Right and Wrongs of tethering or Terms and conditions of 3 mobile contracts. Please keep your views to yourself regarding if its lawful or unlawful or ethical or unethical or whatever you seem to come up with. I would like this to be a productive thread, instead of random comments on tethering.
Option 1: Use SSH Tunnel * Should I use SSH tunnel on my phone and use my PC to connect to it to use internet. Is there a reverse option?
Option 2: Use OpenVPN Install OpenVPN on your pc, and connect your phone to your pc using default VPN function on your phone in my case GT-I9100 comes with VPN function. You could also try to reverse this method and install OpenVPN on your phone and use your PC to connect to it. *
Option 3: Use the above two together in combination As the heading says, use SSH tunnel to connect to your OpenVPN.
Option 4: Use a proxy on your pc and connect to your phone or reverse, install proxy app on your phone and point your pc web browser to that proxy address. You could use the SSH tunnel here to connect too.
So, tools at hand are vpn with any encryption available, ssh tunnel, proxy server.
Tools to ignore - TOR (onion), garlic based TOR like, changing User Agent on web browsers or paid VPN.
3 UK has two APN settings, three.co.uk for mobiles (NATd ip address) and 3internet (dongle users) has external IP address and I believe it’s an Open NAT or no NAT.
Please feel free to mix and match any options and also share your views on what is technically possible.
I hope to see something useful and learn a bit more. Even if we fail to achieve the desired results, it will still be enlightening to find the facts on how 3 detects tethering.
I
Code encode decode
Found on giff gaff forum useful info
Well, they have a few ways..TTL: In my opinion, the most likely telltale signal of tethering. For example, *iOS packets originate with a TTL of 64, so if they see anything else they know something is up. This is very easy to check, as the TTL is checked by each router as the packet is handled. (the address on the envelope - doesn't require opening the letter, to use an analog analogy)APN: Another possible sign of tethering is data being routed over the access point set up for the built-in tethering feature. But giffgaff does NOT have a separate APN for Tethering. Again, this is easy to check without deep packet inspection.User-agent: This is where carriers would need to get heavy-duty equipment and a willingness to be invasive to detect tethering. Your browser sends information about itself to remote web servers, and this information could be checked. I do not think giffgaff is doing this (to detect tethering at least,) as it is not proof of tethering since anyone can easily use another browser on your phone that reports a different User Agent.Web Sites Visited: Again, highly invasive, though it doesn't require DPI. If you're using the DNS servers of the carrier, they could look for requests for certain domain names like windowsupdate.com etc. This wouldn't be proof either, though.I would bet that they are using TTL. So tunneling the TCP/IP packets that way probably resets the TTL to the default of the WAN interface on the phone.
Code encode decode
Why do you have to make 2 threads for the same subject?
Well I wasn't sure at the time of writing first one if I had to go down the route of testing which the second one is for. So, the first one is literally to know if its happening to new contracts only and second is for testing different scenarios and finding how.
Hope this helps and if not then jog on.
Code encode decode
Invincible29 said:
Hope this helps and if not then jog on.
Click to expand...
Click to collapse
Less of the attitude please and more of the reading of forum rules. Stick to one thread for the same thing.
Thread closed, use the other one (it was created first).

Question Hotspot/ Tethering app recommendation

Hi, the stock phone limits the hotspot/ tethering functionality. Any recommendations on how to bypass the same or an app that allows unrestricted tethering?
My unlocked Samsung phone allows full tethering.
Thanks in advance!
use FoxFi or PDANet+ (theyre made by same people)
-i have attached the unlocker key to unlock unlimited data usage.
Thanks for the key, but FoxFi doesn't seem to work on the OnePlus n200 T-Mobile variant.
mthous01 said:
Thanks for the key, but FoxFi doesn't seem to work on the OnePlus n200 T-Mobile variant.
Click to expand...
Click to collapse
It does, you also have to install the base PDAnet+ app. The unlock key just removes the apps limits.
Using USB tether appears to work... the key is that you DO NOT tether through the native android app, instead you connect it to PC and just leave it as charging/transfer mode. then inside of the PDAnet+ app you allow tether usage from in the app. it will use ADB to share the internet so all you have to do is allow access when the popup comes up on your screen.
yes, you have to install a companion app on the computer.
Another way to setup unlimited fast-speed tethering is by using ssh tunneling inside of a (free, open source) termux app on the phone.
The setup is somewhat cumbersome but offers very reliable results once configured. In addition, the minimal configuration does not require paid apps. To automate the process two paid apps (Tasker and Termux:Tasker) are needed but for many people the investment may be worth it since tasker is an extremely powerful and useful app on its own and termux:tasker is not expensive (it can also be useful beyond tethering for automating other advanced things termux could do).
The link to instructions is at the end of the post. Below is a brief (or not so brief) description description of required configuration (complimented by automation steps) but go to the link to get a proper guide.
1. Install termux application, install python 2 package inside of termux and run configuration command in the link below.
2. install openssh package inside termux application. Configure ssh server as described in the link, this involves copying the client identity key to an appropriate termux folder.
3. Once you verified that you can ssh into the phone's ssh server (with hotspot running, of course) you can tether the phone: start ssh server on the phone by running the command "sshd -dD" inside termux app on the phone ("d" option is for debugging and can be dropped); connect your laptop to hotspot; run an appropriate ssh command on the laptop (see the link); configur proxy on the laptop; enjoy.
4. One of the configuration steps above involves figuring out the hotspot IP. It can be done in several ways. It is shown as the device WiFi/hotspot IP on the phone and as a gateway IP on a tethered device. On tethered linux device the hotspot has hostname "_gateway" one can use hostname instead of IP. I do not know if the same is true for Mac or Windows.
5. You can automate the process by installing two paid apps: "Tasker" and "Termux:Tasker". With these apps you can automatically start/stop ssh server on the phone whenever hotspot is active.
6. Similarly, on the laptop you should be able to automate proxy configuration and ssh connection whenever you are connected to a specific network.
Here is the guide:
GitHub - RiFi2k/unlimited-tethering: Bypass tethering caps or throttling on cell phone unlimited data plans. Potentially cancel your internet and route your whole home though your unlimited data plan.
Bypass tethering caps or throttling on cell phone unlimited data plans. Potentially cancel your internet and route your whole home though your unlimited data plan. - GitHub - RiFi2k/unlimited-tethe...
github.com
myechophone said:
Hi, the stock phone limits the hotspot/ tethering functionality. Any recommendations on how to bypass the same or an app that allows unrestricted tethering?
My unlocked Samsung phone allows full tethering.
Thanks in advance!
Click to expand...
Click to collapse
i was using easytether for a while but tbh it was a pain with having to installing software on my pc and lag in games so i ended up rooting and using vpn hotspot with adguard. works like a charm
if you have access to kernel source, you should be able to enable ttl changing like I did on my S10+. Then once the new kernel was built, I could change ttl for my native hotspot to always show as if it was using on device data instead of metered wifi hotspot. So I can now use my native hotspot uncrippled and my carrier see's all my traffic as normal on device data and not hotspot data
PizzaG said:
if you have access to kernel source, you should be able to enable ttl changing like I did on my S10+. Then once the new kernel was built, I could change ttl for my native hotspot to always show as if it was using on device data instead of metered wifi hotspot. So I can now use my native hotspot uncrippled and my carrier see's all my traffic as normal on device data and not hotspot data
Click to expand...
Click to collapse
The kernel source seems to be incomplete.
mthous01 said:
The kernel source seems to be incompleteP
Click to expand...
Click to collapse
Ah ok, then PdaNet is pry your best bet. Sucks but better than nothing...
PDANet+ on Linux works great for me. Start the Wifi Direct hotspot on the Android app, and then connect to the SSID it creates normally using network manager or whatever you use. Trick then is to enter the proxy settings into advanced networks settings. Works great with no noticeable lack of speed. If you use the terminal and APT, or whatever the equiv is in your distro, you'll also want to edit the .conf file to include the details, for apt.conf, it's something like "Acquire::http:roxy "192.168.49.1:8000";"
Jimmyyahoo said:
PDANet+ on Linux works great for me. Start the Wifi Direct hotspot on the Android app, and then connect to the SSID it creates normally using network manager or whatever you use. Trick then is to enter the proxy settings into advanced networks settings. Works great with no noticeable lack of speed. If you use the terminal and APT, or whatever the equiv is in your distro, you'll also want to edit the .conf file to include the details, for apt.conf, it's something like "Acquire::http:roxy "192.168.49.1:8000";"
Click to expand...
Click to collapse
You must not be on Android 11? PdaNet was a PITA for me on 11. PdaNet proxy changed on every run of that app so I was constantly changing proxy in Linux. Still though, better than nothing if you can't do the ttl mod.
PizzaG said:
You must not be on Android 11? PdaNet was a PITA for me on 11. PdaNet proxy changed on every run of that app so I was constantly changing proxy in Linux. Still though, better than nothing if you can't do the ttl mod.
Click to expand...
Click to collapse
Actually I am on Android 11. The proxy address never changes. I wonder what that is a result of? Have you also installed FoxFi along with the key for full version? Not sure if that makes a difference, but that's my setup and it's been rock solid... as long as it's a computer to phone. My desire for a way to connect my Xbox to the phone and avoid the mobile hotspot usage hit, well that's another story for another board.

vpn server on android mobile

hello lads, I am interested in making Android application that can be use as VPN server, any tips where I can start from ? Is it possible ? I have not see any good topic about this in net
I just wonder why you consider an Android app as a VPN server.
Is it just a portal for a specific LAN? Or do you need a general VPN server for encrypted internet connections?
Even if you can implement basic functions of this VPN server, don't you worry about its concurrent & load capacity as a 'server'? ......
Its definitely possible but you'll have to likely root the phone first.
I turned a rooted Android phone into a VPN server by using the Linux Deploy app and UNIX tools "busy box app" then running CentOS on Linux Deploy. I installed SoftEther VPN Server on CentOS through SSH on the phone.
I wrote about it in a forum. If you google "Turn a flashed to verizon phone into vpn server" it will come up in Aspkin forum and you can see me work through it.
This way is 100% free and SoftEther will tunnel straight through a firewall using port 443 unlike any paid app so you can leave the phone hidden anywhere connected to WiFi and as long as you use SoftEther Client and the DNS host name to connect to the server. It wont work if you use a openVPN or L2TP/IPsec client without opening ports on the router of the wifi connection, or the server IP address (which would be a local ip if connected to wifi hidden somewhere).
Click to expand...
Click to collapse
James_Watson said:
I just wonder why you consider an Android app as a VPN server.
Is it just a portal for a specific LAN? Or do you need a general VPN server for encrypted internet connections?
Even if you can implement basic functions of this VPN server, don't you worry about its concurrent & load capacity as a 'server'? ......
Click to expand...
Click to collapse
Thank you for your reply. I just want to make a VPN server that uses a mobile network and accepts connection from 1 device(concurrent or load capacity or encryption does not matter). It is a small part of my application and not for commercial use. so, everything is possible, to root a device or another way to do my goal.

Categories

Resources