2012

SSH SOCKS5 Proxy

Procedure

Linux SSH SOCKS5 Proxy

OpenSSH supports dynamic port forwarding (SOCKS tunnels specified via a subset of the SOCKS protocol) through a remote SSH server that allows the user to create a local SOCKS proxy.

ssh -f -C2qTnN -D 1080 <username>@<remote SSH server>

The Linux procedure also works on OS X.

The options used in the SSH command

-f: Requests ssh to go to background just before command execution. A password dialog will occur before ssh goes to the background.
-C: compression
-2: protocol version 2 only.
-q: Quiet mode
-T: Disable pseudo-tty allocation.
-n: prevents reading from stdin. This must be used when ssh is run in the background.
-N: Do not execute a remote command. Useful for just forwarding ports (protocol version 2 only).
-D: [bind_address : ] port - local "dynamic" application-level port forwarding

Ending the SOCKS5 proxy

Find the PID of the background job supporting the proxy with:

ps -ef | grep 'ssh -f' | grep -v grep

End the job with:

kill -9 <PID>

Firefox proxy configuration

In Firefox: Edit -> Preferences -> Advanced -> Network -> Settings -> Manual proxy configuration

SOCKS Proxy 127.0.0.1 Port 1080

Check the box for "SOCKS v5"

In Firefox: about:config network.proxy.socks_remote_dns true

The proxies configuration in Firefox can be toggled between "No Proxy" and "Manual proxy configuration" without affecting the proxy configuration details.

Windows SSH SOCKS5 Proxy

PuTTY is a Win32 SSH client that also supports local creation of SOCKS (dynamic) tunnels through remote SSH servers.

PuTTY Win32 SSH could be used as the client on a Windows machine with a similar Firefox configuration.

More Information

Definitions

SOCKS: SOCKet Secure (SOCKS) is an Internet protocol that routes network packets between a client and server through a proxy server. SOCKS5 additionally provides authentication so only authorized users may access a server.
OpenSSH: OpenBSD Secure Shell is a set of computer programs providing encrypted communication sessions over a computer network using the SSH protocol.
SSH: Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that connects, via a secure channel over an insecure network, a server and a client (running SSH server and SSH client programs, respectively). The protocol specification distinguishes two major versions that are referred to as SSH-1 and SSH-2. The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet.
Intranet: A computer network that uses Internet Protocol technology to share information, operational systems, or computing services within an organization.
Internet: A global network of networks that consists of millions of private, public, academic, business, and government networks, that are linked by a broad array of electronic, wireless and optical networking technologies using the standard Internet protocol suite.

Retrieved from " https://intrawiki.arsc.edu/index.php/SSH_SOCKS5_Proxy"
- Monday, December 17, 2012 @ 1:36:47 PM (Alaska Time)

1 SSH SOCKS5 Proxy
- 1.4 Procedure
- 1.5 More Information
  - 1.5.1 Definitions

SSH SOCKS5 Proxy12/17/2012