How do I set up a local SOCKS proxy that tunnels traffic through SSH?


The ssh binary that you use when you connect to a server running ssh supports running a SOCKS proxy out of the box, with the -D flag. Example:

ssh -D 1337 -f -C -q -N user@remote -p 22
  • -D 1337 tells ssh to launch a SOCKS server on port 1337 locally.
  • -f forks the process into the background.
  • -C turns on compression.
  • -q enables "Quiet mode"; since the purpose here is only to tunnel, we don't really care about error output and such.
  • -N tells ssh that no commands will be sent (-f complains if we don’t specify this).
  • -p specifies what port to use; obviously this defaults to 22, so the statement above is pointless, but it is included for clarity.

When your SOCKS server is up and running, you simply need to make sure that your application (usually a web browser) is trying to connect to the local SOCKS proxy, and not the regular Internet.

In Firefox 29 (explained here as an example), this is achieved by going to the menu (the three sausages in the top right), followed by Preferences > Advanced > Network > (Connection) > Settings... - make sure you only fill out the SOCKS field! Since your proxy is on the same system, you can use localhost or 127.0.0.1 to point back at whatever port you set it to on the same system.

If you need your DNS requests to be tunneled as well (if they are not, your DNS lookups will reveal what websites you are trying to visit), you can just check "Remote DNS", or do this entire configuration in about:config. In the latter case, open it up and set these values:

network.proxy.socks : 127.0.0.1
network.proxy.socks_port : 1337
network.proxy.socks.remote_dns : true
network.proxy.socks_version : 5
network.proxy.type : 1

You may also need this setting to exclude certain domains or sites from tunneling:

network.proxy.no_proxies_on : localhost, 127.0.0.1, 192.168.0.0/24, .yourcompany.com

This answer was written from France, but tunneled via Sweden :)


Author: pzkpfw

Updated on September 18, 2022

Comments

  • pzkpfw over 1 year

    Assume I have access to an SSH server that supports tunneling, and I am on a PC that is running *ubuntu, how do I set up a local SOCKS proxy that tunnels the traffic through that SSH server before reaching the Internet?

  • Braiam almost 10 years
    This would only work on Firefox.
  • pzkpfw almost 10 years
    It is in no way Firefox-specific; I included the Firefox section as a service since that is usually what people use SSH tunneling for. It would work in any application that supports SOCKS proxies (ssh doesn't care).
  • MadMike over 9 years
    Speaking of setting up the browser to use the proxy: if you use Google Chrome you will need to declare the proxy in the network settings of Ubuntu, as this is what Google Chrome will be using. Unofficial CLI options have been available to declare the proxy without this, but as of some weeks ago this is not possible anymore.
  • lakesare over 8 years
    Thanks, you got me out of hell. And I only got there because I didn't read through your answer properly about 10 hours ago. Should have paid attention to the -D and -p part.
  • Alcalyn over 4 years
    Also easier to remember: ssh -D 1337 user@host
  • pzkpfw over 4 years
    Not sure what you mean by "easier to remember" @Alcalyn, it's not an equivalent command and does not do the same thing.
  • Alcalyn over 4 years
    I mean it shows that the most important thing is the actual -D, and this option alone can also work.
  • pzkpfw over 4 years
    Sure, and it will fail if you're running SSH on any other port than 22.