Dropbear/SOCKS authentication options

I want to allow some devices to open HTTP proxies on an OpenWrt modem, to reach the external WAN. I already have the road-warrior WireGuard setup; this is for devices that only have unauthenticated SOCKS options, but can set up SSH tunnels. Exploring some options...

  1. Create new users and lock the accounts. (I trust the users to not hunt for local exploits, but I don't want to have to trust the users :) Any issue providing non-admin user accounts on OpenWrt?)

  2. Option 1 plus using authorized_keys options, e.g. command="/bin/false",no-pty,no-X11-forwarding,no-agent-forwarding,permitopen="192.0.2.10:1234" key.... Having a hard time finding if Dropbear supports any of those.

  3. A SOCKS proxy that I can authenticate in some parallel way instead of SOCKS auth?

  4. pppossh. Does this provide something I will be missing on the other options if all I care about is ad hoc HTTP proxying? [...also see the guide adds keys for the root user. Anyone know why? I'm assuming it was just to keep the guide shorter?]