How to proxy using SSH -- Now with more SOCKS
by Ken Gribble
This document can be found at:
If you have a secure remote server you can use, such as a home machine (with a static IP), you can use it to securely proxy a browsing session with SSH. This might be useful if you aren’t sure about the security of a wireless network you are borrowing at a conference, coffee shop or library, for example.
OpenSSH includes SOCKS. So, command-line ssh, with appropriate options, will start a secure remote server proxy:
$ ssh -D 8080 firstname.lastname@example.org
Now port 8080 on your local machine is a SOCKS proxy; HTTP traffic will go through port 8080 to the SSH tunnel to the machine remote.cs.ucdavis.edu and then out to the Internet.
Most modern browsers support SOCKS -- to setup Firefox, open Preferences (under Edit din Windows, under “Firefox” in MacOS) :
Select Manual Proxy
Fill in: SOCKS Proxy: localhost -- Port: 8080
Select SOCKS v5 (OpenSSH supports both versions 4 and 5, if you are using that).
Use similar settings for your non-Firefox browser.
Configuring Socks Proxy in Mac OSX
1. Open a terminal and type:
ssh -D 8080 email@example.com
2. Open System Preference/Networks/Advanced/Proxies
Configure the Socks Proxy like this:
Check your IP with a “What’s my IP Address” service, such as http://www.ipchicken.com, it should be the IP address, and hostname of the remote server.
I re-discovered this method for use with my Rocks Cluster. I needed to browse some of the cluster-local nodes, when running hadoop, which were righteously blocked by the front-end’s firewall. It has also been useful as a tool for network diagnosis.