April 3, 2008

289 words 2 mins read

SSH based Proxy

So last week I was spending some time at a friend’s house and I decided I wanted to surf the web securely. Not because I didn’t trust my friend’s network (I helped him set it up), I just wanted to see if I _could_. Now I’ve got a server at home that runs 24/7, and it just so happens to run squid (again, not that I need it at home, I run it because I can). I thought it would be cool if I could “hook up” to that over SSH — so I googled about a bit and found the following command:

ssh -C2qTnN -L 9999:localhost:3128 RemoteUsername@RemoteServerName.com

Simple enough, but let’s explain.

9999 = the local proxy (socks) port that you will point your browser at

localhost = the host on the remote side that is running squid (proxy)

3128 = squid (proxy) port

RemoteUsername = the username for SSH

RemoveServerName.com = The remote host for SSH

So if you are SSH’ing to the machine running squid, just change the RemoteUsername and RemoveServerName.com

Another “option” is to run the following for direct proxy access.

ssh -D 9999 RemoteUsername@RemoteServerName.com

As noted, this should work for direct (no squid) access. Now, note, this did NOT work for me. I think it is because my home server is running squid in passive mode (Which means it snags all http traffic automagically using IP tables). But it might work for you.

Good luck & Secure surfing! Oh, and if you wanted to, you could create shared keys for SSH so you didn’t need to use passwords. You could even set this up as a service so you always had remote access. Ya know, if you are paranoid — or… just for fun.