SSH is great.
I never get tired of talking about how great it is, and it would be remiss of me to not mention one of its best features: the ability to quickly and easily set up a SOCKS proxy.
In the previous sections, we forwarded individual ports, but what if we were using a bastion host to connect to a slew of different websites within a network? Would you like to add tens of lines to your SSH config file? Or manually type out each port and mapping every time?
I didn't think so.
That's where the -D flag comes in.
See -D [bind_address:]port in the SSH manual page (https://man.openbsd.org/ssh):
Specifies a local "dynamic" application-level port forwarding. This works by allocating a socket to listen to port on the local side, optionally bound to the specified bind_address. Whenever a connection is made to this port, the connection...
