SSH SOCKS5 proxy
Route web traffic securely without a VPN using a SOCKS tunnel with ssh:
$ ssh -D 8080 -f -C -q -N [email protected]
- -D 8080 tells ssh to launch a SOCKS server on port 8080 locally.
- -f Forks the process to the background.
- -C Compresses the data before sending it.
- -q Uses quiet mode.
- -N Tells SSH that no command will be sent once the tunnel is up.
To use socks5 in curl try:
curl -x socks5h://localhost:8080 http://myip.country
SSH tunnel / TCP forwarding
If you only need to access an open port on the remote server:
$ ssh -L 8080:localhost:1234 -Nf [email protected]
-L will do a local port forwarding from port
8080 (your computer)
localhost (the remote server), then in your browser just enter:
If this is a web server you will see hopefully the content, but you could also use this technique for a database, for example
$ ssh -L 3307:localhost:3306 [email protected]
This will forward port 3307 (your computer) to
3306 remotely (mysql server)
$ mysql -h localhost -P 3307
You can read/remember this as
-L forward my local port
remote address (localhost/google.com/any-server.tld at port
Manage your pfsense
If you could could ssh to a server within your infrastructure you could do then:
ssh -L 8443:192.168.1.1:443 -Nf <user>@host
Then in your browser:
Provide internet to a server behind a firewall
Enable ssh on your desktop/laptop (from where you are connecting) and then:
ssh -t -D 1080 localhost ssh -R 1080:localhost:1080 [email protected]
Then you could use socks5 from the remote server:
curl --socks5-hostname 127.0.0.1:1080 http://myip.country
curl -x socks5h://127.0.0.1:1080 http://myip.country
Then to use it:
export http_proxy=socks5h://127.0.0.1:1080 export https_proxy=socks5h://127.0.0.1:1080
If need to install
pipenv you may need
yum install privoxy
Edit the configuration file
/etc/privoxy/config and add this line:
forward-socks5 / 127.0.0.1:1080 .
Start the service and then you could use:
export http_proxy=http://127.0.0.1:8118 export https_proxy=http://127.0.0.1:8118