Creating an SSH tunnel for proxy connections

Often it is helpful to tunnel certain traffic through an SSH tunnel. If you are on a public wifi connection where you may fear someone else intercepting your email or web traffic. Or in a work environment which may block access to a site you must access through your web browser.

With an SSH tunnel, you can encrypt your traffic against the snoop and bypass corporate restrictions if you have access through port 22.

In order for this to work, you must have shell access (Unix/Linux) to a machine outside the corporate firewall and or public wifi network. With this, you can use the following instructions.

First, from a terminal emulator natively available on Linux and Mac machines enter the following command:

ssh -ND xxxx host.domain.com

xxxx = unused high port of your choice.

You will be prompted for your password at this time. Once entered the terminal will keep control of your curser until the connection is terminated. This will provide you with a visual indicator that the connection is live.

I recommend Firefox as a browser for proxy settings only because it is the only browser that allows independent control over the proxy settings.  All other browsers lack their own proxy configurations relying upon the system settings which are universally applied.

To make the necessary changes¬†you will want to navigate to Preferences –> Advanced –> Network –> Settings on a Mac or Tools –> Options –> Advanced –> Network –> Settings in Windows and make changes as shown in the image below.

firefox-network

Click on the radio button Manual proxy configuration:

Add the following to SOCKS Host: localhost

Click the SOCKS v5 radio button.

Add the following to No Proxy for: localhost, 127.0.0.1.

You may wish to add any domains that require internal DNS such as corporate websites that are only available within the network.

Once you apply these settings you should be able to browse encrypting your traffic and bypassing any corporate web filtering.

Remember to move back to No proxy settings once you break the SSH tunnel connection or browsing will not be possible.

Note: Many other applications can take advantage of proxy connections such as email, FTP and Bittorrent clients. Windows users using PuTTY require additional configurations which are not yet covered within any of my documents.

jhudgins has written 32 articles

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>