How to install software on firewalled server

Quick answer: Create a reverse SSH proxy:

Create a dynamic tunnel with command ssh -D 51010 localhost — this command create a dynamic SSH proxy from your local machine;

Then SSH to the remote machine with command like this: ssh -R 51010:127.0.0.1:51010 firewalled-server. It will forward your dynamic SSH proxy to the remote machine, so you’ll get kind of a “poor man VPN” on it;

Finally install the software using the proxychains command (or update the apt.conf), see below.

Preparation

• At host machine open terminal and SSH to self, in order to create dynamic tunnel:

  ssh -D 51010 localhost
  

• Now in new termial tab, SSH to the remote machine ¹:

  ssh -R 51010:127.0.0.1:51010 firewalled-server
  

• Check that everything works fine (I assume that curl is already installed):

  ALL_PROXY="socks5://127.0.0.1:51010" curl ifconfig.co
  ALL_PROXY="socks5h://127.0.0.1:51010" curl ifconfig.co
  

If both commands was failed, check sshd settings on the firewalled server (does port forwarding enabled etc.), and if only the first command failed ², then it looks that DNS resolution also firewalled

Almost ready!

Installing packages

There is two options available:

• “socksify” apt-get through proxychains ³:

  proxychains4 -q -f /home/user/.proxychains/proxychains.conf
  apt-get -yqq install ngrep sngrep
  

• Or by creating entry in apt.conf file ⁴:

  Setup proxy in apt.conf

  echo 'Acquire::socks::Proxy "socks5h://127.0.0.1:51010/";' \
    >> /etc/apt/apt.conf
  

  and then install packages with apt-get:

  apt-get -yqq install ngrep sngrep
  

  (Don’t forget to comment out or remove proxy directive in apt.conf after installation)