A Very Easy SSH Proxy/Tunnel

Whether your ISP is filtering content or you just want some privacy on the internet, there is always a quick solution, and it is surprisingly easy to set up.

Basically, all you need to do is SSH to any Shell account that you have access to (it can even be your own PC from another location) with the option -D. For example:

ssh -D 7070 user@site.com

will connect to site.com as user, and create a proxy server at port 7070 (this does not need to be set up on the shell).

Then all you have to do is configure your browser/IM/torrent clients to use "localhost" as a SOCKS v5 server. For Firefox, this is in Edit > Preferences (or Tools > Options on Windows). Click the Advanced tab, and then the Network tab under it. Then open Settings, and select Manual Proxy Configuration. Type localhost ONLY in the SOCKS Host box, and type the same port number you used above.

That's it! To turn the proxy off, close your SSH session and change your browser settings back.

Just yet another use for SSH.

Note: Reader Don McArthur has tipped us off that you might need to make some changes to your SSH server before this will work. If it doesn't, add these lines to /etc/ssh/sshd_config:

AllowTcpForwarding yes
GatewayPorts yes
TCPKeepAlive yes

Calling all FOSSwire readers! We’re looking for your feedback - answer our reader survey and you could win an awesome FOSSwire t-shirt (we’ll ship anywhere on this planet).

Avatar for jacob Jacob Peddicord - http://jacob.peddicord.net/

Jacob is a web developer, student, and programmer from Ohio. He is a staff member at the Ubuntu Forums and is most likely a fanboy of the distribution. He loves to write in code and words, play video games, and rant about topics most would have abandoned long ago. Jacob uses GNOME and is never seen running stable software, much to the demise of his laptop.

Home » Articles »

Discussion: A Very Easy SSH Proxy/Tunnel

  1. Don McArthur (guest)

    # Posted on 02 September 2007 at 07:21 PM

    Not quite finished. On the sshd server side you need to make sure the following changes are made to /etc/ssh/sshd_config file:

    AllowTcpForwarding yes

    GatewayPorts yes

    TCPKeepAlive yes

    ...restart the sshd server after you make the changes.

    <em>[Thanks for that! I've added the information to the article. --Jacob]</em>

  2. diego (guest)

    # Posted on 02 September 2007 at 08:37 PM


  3. Ali (guest)

    # Posted on 04 September 2007 at 08:24 AM


    That's a very nice tip. I tried it and it didn't work for me. I get this error every time I try to open a web site:

    'channel 3: open failed: administratively prohibited: open failed'

    I have a free sheell acount with arbornet, maybe they block this kind of traffic? Do you recommend a cetain shell account?


  4. Topopardo (guest)

    # Posted on 04 September 2007 at 03:29 PM

    Fantastic tip! Now I can use my college's servers as a proxy to access out online library books and more!

  5. Erix (guest)

    # Posted on 15 April 2009 at 09:50 AM

    hi there! it is nice trick but let me ask a question! is this USER@site.com must be exist or not? if it is needed then how can i create it while it is blocked!

  6. Chris (guest)

    # Posted on 28 May 2009 at 07:26 PM

    this is one of the most wicked posts i've ever seen in my life!

    This technically means any cheap unlimited VPS server could be used as a socks proxy LOL

Home » Articles » A Very Easy SSH Proxy/Tunnel