How to use an SSH connection as a SOCKS proxy this article I will describe how to use an SSH connection as a SOCKS proxy. This basically means that you can route the network traffic of any application or even your entire systems traffic through an SSH connection.



You may already know the standard way to establish an SSH connection by providing your username and the remote hosts ip or URL:

$ ssh username@url_or_ip_of_remotehost

By providing the "-D" parameter, ssh will act as a SOCKS server and listen on the given port (9090) for incoming connections. All other parameters in this example are optional and are described further below:

$ ssh -q -f -C -N -D 9090  username@url_or_ip_of_remotehost

Now you can configure any application or even your entire system to use (port 9090 on localhost) as a SOCKS proxy.

Notice: You may want to replace 9090 by any free port between 1024 and 49151. In case you have a fast internet connection, leave the "-C" parameter out.

Explanation of the parameters:

-q Quiet mode (Optional)
-f ssh will go to background before command execution (Optional)
-C Compression of all data by using the same algorithm as gzip. Compression is desirable on modem lines and other slow connections, but will only slow down things on fast networks. (Optional)
-N Do not execute a remote command. This is useful for just forwarding ports (Optional)
-D Specifies a local application-level port forwarding by allocating a socket to listen to the specified port on the local side. Whenever a connection is made to this port, the connection is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. Currently the SOCKS4 and SOCKS5 protocols are supported, and ssh will act as a SOCKS server. Only root can forward privileged ports. (Required)

Legal notice: image from wikimedia, released under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 of the License, or any later version


About M0nk3ym0nk3y

M0nk3ym0nk3y is one of the three LinuxM0nk3ys from Linux M0nk3ys @ WordPress Linux M0nk3ys @ YouTube Linux M0nk3ys @ Twitter

Posted on February 28, 2014, in Command-Line, Network, SSH and tagged , , , , , , , , , , , , . Bookmark the permalink. 3 Comments.

  1. Nice article. I hope you would love to share your desktop/laptop internet through free wifi hotspot. Plz have a look on my article it would definitely help you. 🙂

  2. Nice article, I wonder however if you could add some example of it running. Like a ping that reflect the application going through that proxy as uposed to be on regular connection.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: