Covert communications on Linux
Secret Tunnels

Moving data to and from Linux systems under the radar.
We have all been there: You plug in or connect to the wireless network, and it doesn't work right. Then you try to ssh to your server and you get "connection failed." Trying to connect to your mail server on port 25 using TLS (Transport Layer Security, aka encryption) leaves you staring at the banner for the local ISP's mail proxy, or you get another failed connection. But all is not lost – at least you can surf the web. Unfortunately, every time you mistype a URL, you end up at the ISP's search page, and anything with questionable content, such as hacking, is blocked.
At this point, you have two choices: find a good book to read, or use VPN software to get a connection to a remote host by bypassing whatever breakage or filtering is occurring. However, some of the really evil – or just plain incompetent – ISPs also block common VPN software and SSH in an effort to prevent unfettered Internet access through their networks. Much like trying to stop a cat from getting into a cardboard box, if you try to prevent geeks from doing something, the chances are they will only try that much harder.
If you can pass any form of data to a remote system (IPSec, SSH, http, instant messages, smoke signals), then you can use that channel to carry anything you want. An ISP can only block or filter so much traffic before it becomes completely unusable. The trick is to find a network protocol that is allowed and that is not modified (much) on the fly and that can do this with existing software that lets you tunnel data over the top of it.
[...]
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

News
-
System76 Releases COSMIC Alpha 7
With scores of bug fixes and a really cool workspaces feature, COSMIC is looking to soon migrate from alpha to beta.
-
OpenMandriva Lx 6.0 Available for Installation
The latest release of OpenMandriva has arrived with a new kernel, an updated Plasma desktop, and a server edition.
-
TrueNAS 25.04 Arrives with Thousands of Changes
One of the most popular Linux-based NAS solutions has rolled out the latest edition, based on Ubuntu 25.04.
-
Fedora 42 Available with Two New Spins
The latest release from the Fedora Project includes the usual updates, a new kernel, an official KDE Plasma spin, and a new System76 spin.
-
So Long, ArcoLinux
The ArcoLinux distribution is the latest Linux distribution to shut down.
-
What Open Source Pros Look for in a Job Role
Learn what professionals in technical and non-technical roles say is most important when seeking a new position.
-
Asahi Linux Runs into Issues with M4 Support
Due to Apple Silicon changes, the Asahi Linux project is at odds with adding support for the M4 chips.
-
Plasma 6.3.4 Now Available
Although not a major release, Plasma 6.3.4 does fix some bugs and offer a subtle change for the Plasma sidebar.
-
Linux Kernel 6.15 First Release Candidate Now Available
Linux Torvalds has announced that the release candidate for the final release of the Linux 6.15 series is now available.
-
Akamai Will Host kernel.org
The organization dedicated to cloud-based solutions has agreed to host kernel.org to deliver long-term stability for the development team.