Use SSH to Create an HTTP Proxy

 in

SOCKS is built in to OpenSSH, so it's a trivial matter to set up a local SOCKS proxy with the -D flag. For example:

$ ssh -D 12345 myuser@remote_ssh_server

will open up the port 12345 on your local machine as a SOCKS proxy so all your HTTP traffic can be specified to go through the SSH tunnel and out remote_ssh_server on the other end. Your proxy server is now set up.

Next, set up your browser to use the proxy server. Most browsers include proxy support. For Firefox 3, go to Edit→Preferences→Advanced→Network→Settings, and specify that you want to use a Manual Proxy, localhost, port 12345 and SOCKS v5 (although OpenSSH supports both versions 4 and 5).

Now your browser is using a secure tunnel to your remote SSH server.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

socks in download manager

omid's picture

hello guys ,

how can i set socks proxy configuration for download files in for example internet download manager ?
or is there any download manager that you know which can download with this type of proxy server , i mean socks host proxy ?

is it possible ?

Thanks A Lot ,
Omid

No easy

Frank Merlott's picture

I don't think it is that easy, what about the server side configuration? Now that is the difficult part.

SOLVED: I'm getting white screens

Renich's picture

Ok, the problem was that I had something in HTTP Proxy (The first input). I had to leave it blank and add this config to SOCKS only.

SOCKS Host: 127.0.0.1 port: 12345 (I, actually, used 8080) with
ssh -C2qTnN -D 8080 user@my_server

but I'm sure it's gonna work with port 12345, hehe.

It's hard to be free... but I love to struggle. Love isn't asked for; it's just given. Respect isn't asked for; it's earned!
Renich Bon Ciric

http://www.woralelandia.com/
http://www.introbella.com/

I'm getting white screens

Renich's picture

I'm using Firefox 3.0.10 and Fedora 10.

It seems to work partially. I'm getting white screens instantly and, if I shutdown the ssh tunnel, it gives me an instant error.

What could be wrong with my proxy? I'm using my super-cool Dreamhost server for the tunnel... anything they could be blocking?

It's hard to be free... but I love to struggle. Love isn't asked for; it's just given. Respect isn't asked for; it's earned!
Renich Bon Ciric

http://www.woralelandia.com/
http://www.introbella.com/

plink.exe putty.exe on windows

Border's picture

You can use plink.exe or putty.exe on windows.

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

More details; also tunneling the DNS requests

Gerard Braad's picture

ssh -D 8080 -f -C -q -N myuser@remote_ssh_server

-D 8080 : This does the dynamic stuff and makes it behave as a SOCKS server.
-f : This will fork the process into the background after you type your password.
-C : Turns on compression.
-q : Quiet mode. Since this is just a tunnel we can make it quiet.
-N : Tells it no commands will be sent. (the -f will complain if we don’t specify this)

In Firefox use about:config

network.proxy.no_proxies_on : localhost, 127.0.0.1, 192.168.0.0/24, .yourcompany.com
network.proxy.socks : 127.0.0.1
network.proxy.socks_port : 8080
network.proxy.socks.remote_dns : true
network.proxy.socks_version : 5
network.proxy.type : 1

The setting remote_dns will make sure also your dns requests will be tunneled over the SOCKS proxy

When surfing web sites, just displays a blank page

gtkfreak's picture

I did exactly as the tip stated. Logged into the Ubuntu box and gave above ssh command.

However, when I enter www.google.com, it just displays a blank page. Would anyone know what it the problem.

Thanks

I'm wearing two pairs of Socks

Kvetch's picture

If you find a protocol/port blocked by a corp. proxy or just needing to tunnel more than just simple http/https thru your SOCKS proxy but your app doesn't support SOCKS check out proxychains. http://sourceforge.net/projects/proxychains/
Install proxychains
Create your ssh SOCKS proxy
# ssh -fqND 5555 thedoc@tardis
Edit the /etc/proxychains.conf
uncomment the "dynamic_chain", comment out the line "strict_chain" and add a line containing the ssh socks5 port "socks5 127.0.0.1 5555"
Then just run your app with the normal cli command but with proxychains prepending the line.
For example to run the command "emerge --sync" (part of everyone's favorite package management tool, portage) just do this
# proxychains emerge --sync

-nick

DNS requests won't be proxied!!

Anonymous's picture

If you want your DNS requests from web browsing to be proxied also (SOCKSv5), make sure to open up "about:config" in Firefox and change "network.proxy.socks_remote_dns" to True.

It is called a SOCKS proxy

Ebrahim's picture

It is called a SOCKS proxy, not an HTTP proxy. An HTTP proxy is told to a proxy whose protocol is HTTP, e.g. Squid.

I'm agree with you.

guomsh's picture

I'm agree with you.

another great tip

Tuxly_Tuxford_McTuxtington's picture

I'm learning a lot with these little tips. Keep it up! :)

Background the process

Vivek's picture

For those of us who want to use terminal to do something else other having an ssh session open while running the proxy, you can prepend -f -q -N like so:

ssh -f -q -N -D 12345 myuser@remote_ssh_server

provided that you can login into your remote ssh server without a password. See this page on how to log in without a password:

http://linuxproblem.org/art_9.html

Cheers

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState