SSH SOCKS Proxy

(Dynamic port Forwarding)

In some situations it is really handy to have the possibility to use SSH Server like “gateway”/”proxy”.

Nice example:
You are working in a company where you cannot access to your gmail.com website. It is blocked at company proxy server. As well you have another mail account at hotmail.com this is as well not accessible. But you have a SSH server with public IP.

Haw we can use this:
- SSH I providing the TCP port Forwarding option. In this case we would use several port forwarding session as we need to access more web sites. (This is nice but not usable for this cause)
- SSH is providing the SOCKS proxy option. SSH can listen on your local TCP port and forward the whole traffic from your browser in to SSH tunnel. (This is nice solution that you can use)

Description: “ -D [bind_address:]port “
Example: “ ssh -D <Listening_Local_IP>:<Listening_Local_TCP_port> user@server_IP ”

To start the SOCKS Proxy is really easy. All that you need is to:
- Check what TCP port it is possible to use
- Open SSH Session to SSH Server
- Configure the application to use the correct IP and TCP port for SOCKS proxy. (For this you'll need to check your application. Application “tsocks” can help in the case that your application do not support SOCKS proxy.)

[root@SSH_Client ~]# netstat -nap | grep 2222                                 # The TCP port 2222 is free and we can use it
[root@SSH_Client ~]#

[root@SSH_Client ~]# ssh -D 10.0.12.110:2222 root@10.0.12.111                  # -D [bind_address:]port
root@10.0.12.111's password:
Last login: Sat Jan 25 14:23:14 2014 from 10.0.12.110
[root@SSH_Server ~]#

[root@SSH_Client ~]#netstat -nap | grep 2222                                   # SOCKS Proxy is listening on SSH Client on 10.0.12.110:2222
tcp        0      0 10.0.12.110:2222     0.0.0.0:*     LISTEN      2018/ssh