SSH, what a wonderful tool. One of the crowning achievements of the modern world, with a hundred and one different uses. One of my favorite being that of tunnelling and proxying connections over it’s secure, encrypted goodness.
I thought I’d outline how to setup a proxy system using SSH that can be used by any application that supports SOCKS proxy. This includes Firefox, Thunderbird, Gaim/Pidgin and anything that subscribes to the Gnome “Network Proxy Preferences” found in System > Preferences > Network Proxy. note: this sets the shell environment values for: http_proxy and no_proxy.
The only two requirements you’ll need for this tutorial are an internet connection (of course) and access via ssh to a remote machine. In my case I connect from my laptop while on the road to a server available at home. This could just as easily be used between an office and home or visa versa.
Use a command similar to that below to create this SOCKS supported tunnel:
ssh -D port hostname
ie; ssh -D 8080 example.com, ssh -D 8081 example.com, ssh -D 8888 example.com. In this example I am using the 8000 range ports but you should be able to use *any* available outbound port. No need to specify other ports on the remote end like you do with traditional -L tunneling.
Once this connection is established you can set your proxy settings within the application (look for any proxy prefernces) or globally in System > Preferences > Network Proxy.
Select Manual Proxy Configuration, and enter “localhost” “port” (where port is the number used following the -D) in the SOCKS (4 or 5) field provided.
At this point you’re outgoing connections will be privately routed over said port to your remote server via ssh and then out to the outside world. Enjoy your privacy and circumventing network filters.
I need to thank Aaron for initially showing me the -D option.