Share!

SSH SOCKS proxy works almost the same way as a VPN would as you could use it to securely tunnel network traffic from your local machine to the remote SSH server.

You could use it to securely access the internet in a public network such as in a public WiFi environment, as the traffic between our host and the proxy is encrypted .

For this to work, you need to have access to a remote SSH server. You can create a SOCKS proxy using SSH client on Unix-based operating systems at the terminal.

Create SSH SOCKS proxy:

  1. Launch a terminal application.
  2. Create an SSH SOCKS proxy at the terminal from your local machine to a remote SSH server.
    $ ssh -D8080 user@remote-host
    The authenticity of host 'remote-host (54.159.155.188)' can't be established.
    ECDSA key fingerprint is SHA256:wGCE8M54I96AgSZtEDB9Y26CXmDjbHYtlL0HMpSiIRA.
    Are you sure you want to continue connecting (yes/no)? yes
    ##### snipped 

    8080 in the example is the port that your SOCKS proxy will listen to. You can choose any number from 1025 to 65535 if you're running the command as a normal user, as long as the port number is not currently in use.

    The better command to run is the following:

     ssh -D8080 -fCqN  user@remote-host
    • -f: Requests ssh to go to background just before command execution
    • -C: Requests compression of all data
    • -q: Quiet mode. Causes most warning and diagnostic messages to be suppressed
    • -N: Do not execute a remote command
  3. Check if the tunnel is running.
    $ ss -natp | grep 8080
    LISTEN  0        128               127.0.0.1:8080               0.0.0.0:*        users:(("ssh",pid=1640,fd=6))
    LISTEN  0        128                   [::1]:8080                  [::]:*        users:(("ssh",pid=1640,fd=5))
  4. Test if the tunnel is successful.
    $ curl ifconfig.me # Direct connection
    55.36.22.230
    $ curl -x socks5h://127.0.0.1:8080 ifconfig.me # Via socks proxy tunnel
    54.159.155.188
  5. Configure your browser or application to connect through you newly created tunnel.

Guide compatibility:

Operating System
Ubuntu Linux
Debian Linux
Red Hat Enterprise Linux
Fedora Linux
CentOS Linux
openSUSE Linux
SUSE Linux Enterprise Server
FreeBSD
OpenBSD
NetBSD
macOS