Ssh Socks5


HTTP & SOCKS Rotating & Static Proxies

  • 72 million IPs for all purposes
  • Worldwide locations
  • 3 day moneyback guarantee


Create a SOCKS proxy on a Linux server with SSH to bypass ...

Create a SOCKS proxy on a Linux server with SSH to bypass …

Mattias Geniar, January 19, 2017
Follow me on Twitter as @mattiasgeniar
Are you on a network with limited access? Is someone filtering your internet traffic, limiting your abilities? Well, if you have SSH access to _any _server, you can probably set up your own SOCKS5 proxy and tunnel all your traffic over SSH.
From that point on, what you do on your laptop/computer is sent encrypted to the SOCKS5 proxy (your SSH server) and that server sends the traffic to the outside.
It’s an SSH tunnel on steroids through which you can easily pass HTTP and HTTPs traffic.
And it isn’t even that hard. This guide is for Linux/Mac OSX users that have direct access to a terminal, but the same logic applies to PuTTy on Windows too.
You set up a SOCKS 5 tunnel in 2 essential steps. The first one is to build an SSH tunnel to a remote server.
Once that’s set up, you can configure your browser to connect to the local TCP port that the SSH client has exposed, which will then transport the data through the remote SSH server.
It boils down to a few key actions;
You open an SSH connection to a remote server. As you open that connection, your SSH client will also open a local TCP port, available only to your computer. In this example, I’ll use local TCP port:1337.
You configure your browser (Chrome/Firefox/…) to use that local proxy instead of directly going out on the internet.
The remote SSH server accepts your SSH connection and will act as the outgoing proxy_/vpn_ for that SOCKS5 connection.
To start such a connection, run the following command in your terminal.
$ ssh -D 1337 -q -C -N
What that command does is;
-D 1337: open a SOCKS proxy on local port:1337. If that port is taken, try a different port number. If you want to open multiple SOCKS proxies to multiple endpoints, choose a different port for each one.
-C: compress data in the tunnel, save bandwidth
-q: quiet mode, don’t output anything locally
-N: do not execute remote commands, useful for just forwarding ports
the remote SSH server you have access to
Once you run that, ssh will stay in the foreground until you CTRL+C it to cancel it. If you prefer to keep it running in the background, add -f to fork it to a background command:
$ ssh -D 1337 -q -C -N -f
Now you have an SSH tunnel between your computer and the remote host, in this example
Next up: tell your browser to use that proxy. This is something that should be done per application as it isn’t a system-wide proxy.
In Chrome, go to the chromesettings/ screen and click through to Advanced Settings. Find the Proxy Settings.
In Firefox, go to Preferences > Advanced > Network and find the Connection settings. Change them as such:
From now on, your browser will connect to localhost:1337, which is picked up by the SSH tunnel to the remote server, which then connects to your HTTP or HTTPs sites.
This has some advantages and some caveats. For instance, most of your traffic is now encrypted.
What you send between the browser and the local SOCKS proxy is encrypted if you visit an HTTPs site, it’s plain text if you visit an HTTP site.
What your SSH client sends between your computer and the remote server is always encrypted.
What your remote server does to connect to the requested website may be encrypted (if it’s an HTTPS site) or may be plain text, in case of plain HTTP.
Some parts of your SOCKS proxy are encrypted, some others are not.
If you’re somewhere with limited access, you might not be allowed to open an SSH connection to a remote server. You only need to get an SSH connection going, and you’re good to go.
So as an alternative, run your SSH server port on additional ports, like:80, :443 or:53: web and DNS traffic is usually allowed out of networks. Your best bet is:443, as it’s already an encrypted protocol and less chance of deep packet inspection middleware from blocking your connection because it doesn’t follow the expected protocol.
The chances of:53 working are also rather slim, as most DNS is UDP based and TCP is only use in either zone transfers or rare DNS occasions.
Visit any “what is my IP” website and refresh the page before and after your SOCKS proxy configuration.
If all went well, your IP should change to that of your remote SSH server, as that’s now the outgoing IP for your web browsing.
If your SSH tunnel is down, crashed or wasn’t started yet, your browser will kindly tell you that the SOCKS proxy is not responding.
If that’s the case, restart the ssh command, try a different port or check your local firewall settings.
Want to subscribe to the newsletter?
I write a weekly-ish newsletter on Linux, open source & webdevelopment called
It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.
No spam. Just some good, practical Linux & open source content.
How can I use SSH with a SOCKS 5 proxy? - Super User

HTTP Rotating & Static

  • 40 million IPs for all purposes
  • 195+ locations
  • 3 day moneyback guarantee


How can I use SSH with a SOCKS 5 proxy? – Super User

I have a SOCKS5 proxy set up through PuTTY with port 7777 configured as a dynamic port. I can use firefox/filezilla/etc by configuring them to use a SOCKS proxy with localhost and port 7777. But I can’t figure out how to ssh (through Cygwin) to a remote server by using the dynamic port. Is this possible?
I’ve tried using ProxyCommand via the following method.
Create ~/ with the following line:
ProxyCommand /usr/bin/nc -X connect -x 127. 0. 1:7777%h%p
Run ssh -p22 [email protected]
The message I get is ssh_exchange_identification: Connection closed by remote host
Braiam4, 6203 gold badges24 silver badges57 bronze badges
asked Jul 26 ’12 at 15:09
You are using ‘connect’ for HTTPS as your proxy version, this is from man nc:
-X proxy_version Requests that nc should use the specified protocol when talking to the proxy server. Supported protocols are ”4” (SOCKS v. 4), ”5” (SOCKS v. 5) and ‘connect’ (HTTPS proxy). If the protocol is not specified, SOCKS version 5 is used.
So you should use the following to use SOCKS 5:
ProxyCommand /usr/bin/nc -X 5 -x 127. 1:7777%h%p
Or simply:
ProxyCommand /usr/bin/nc -x 127. 1:7777%h%p
I hope it helps.
answered Jul 26 ’12 at 16:24
ssh -o ProxyCommand=’nc –proxy-type socks4 –proxy 127. 1:9050%h%p’ [email protected]
fc19 x86_64, Ncat: Version 6. 25
answered Oct 19 ’13 at 6:53
user264910user2649101611 silver badge2 bronze badges
tsocks () is a nice wrapper that uses LD_PRELOAD to make any program use SOCKS proxy transparently:
tsocks ssh
Just works, remember to configure SOCKS proxy IP in /etc/
answered May 23 ’16 at 8:30
neutrinusneutrinus1691 silver badge3 bronze badges
This following command will do, to just use nc:
ssh -o “ProxyCommand=nc –proxy localhost:7000%h%p”
Default is HTTP proxy, there is an HTTP proxy running on port 7000.
answered Nov 21 ’18 at 9:58
Just to make it more simple, you could put these in ~/
host =
ProxyCommand nc -X 5 -x 127. 1:9150%h%p
Any ssh command in terminal will now get through this proxy.
answered Oct 2 ’20 at 8:22
Not the answer you’re looking for? Browse other questions tagged linux proxy ssh cygwin socks or ask your own question.
How to Set up SSH SOCKS Tunnel for Private Browsing

How to Set up SSH SOCKS Tunnel for Private Browsing

There are times when you want to browse the Internet privately, access geo-restricted content or bypass any intermediate firewalls your network might be option is to use a VPN, but that requires installing client software on your machine and setting up your own VPN server
or subscribing to a VPN simpler alternative is to route your local network traffic with an encrypted SOCKS proxy tunnel. This way, all your applications using the proxy will connect to the SSH server and the server will forward all the traffic to its actual destination. Your ISP (internet service provider) and other third parties will not be able to inspect your traffic and block your access to tutorial will walk you through the process of creating an encrypted SSH tunnel and configuring Firefox and Google Chrome
web browsers to use SOCKS erequisites Server running any flavor of Linux, with SSH access to route your traffic through up the SSH tunnel We’ll create an SSH tunnel
that will securely forward traffic from your local machine on port 9090 to the SSH server on port 22. You can use any port number greater than 1024, only root can open ports on privileged and macOS If you run Linux, macOS or any other Unix-based operating system on your local machine, you can easily start an SSH tunnel with the following ssh
command:ssh -N -D 9090 [USER]@[SERVER_IP]The options used are as follows:-N – Tells SSH not to execute a remote command. -D 9090 – Opens a SOCKS tunnel on the specified port number. [USER]@[SERVER_IP] – Your remote SSH user and server IP run the command in the background use the -f your SSH server is listening on a port other than 22
(the default) use the -p [PORT_NUMBER] you run the command, you’ll be prompted to enter your user password. After entering it, you will be logged in to your server and the SSH tunnel will be can set up an SSH key-based authentication
and connect to your server without entering a dows Windows users can create an SSH tunnel using the PuTTY SSH client. You can download PuTTY here
Putty and enter your server IP Address in the Host name (or IP address) the Connection menu, expand SSH and select Tunnels. Enter the port 9090 in the Source Port field, and check the Dynamic radio on the Add button as shown in the image back to the Session page to save the settings so that you do not need to enter them each time. Enter the session name in the Saved Session field and click on the Save the saved session and log in to the remote server by clicking on the Open button. A new window asking for your username and password will show up. Once you enter your username and password you will be logged in to your server and the SSH tunnel will be tting up public key authentication
will allow you to connect to your server without entering a nfiguring Your Browser to Use Proxy Now that you have open the SSH SOCKS tunnel, the last step is to configure your preferred browser to use refox The steps below are the same for Windows, macOS, and the upper right-hand corner, click on the hamburger icon ☰ to open Firefox’s menu:Click on the ⚙ Preferences down to the Network Settings section and click on the Settings… button. A new window will the Manual proxy configuration radio 127. 0. 1 in the SOCKS Host field and 9090 in the Port the Proxy DNS when using SOCKS v5 on the OK button to save the this point, your Firefox is configured and you can browse the Internet through the SSH tunnel. To verify, you can open, type “what is my ip” and you should see your server IP revert back to the default settings go to Network Settings, select the Use system proxy settings radio button and save the are also several plugins that can help you to configure Firefox’s proxy settings such as FoxyProxy
Chrome Google Chrome uses the default system proxy settings. Instead of changing your operating system proxy settings you can either use an addon such as SwitchyOmega
or start Chrome web browser from the command launch Chrome using a new profile and your SSH tunnel use the following command:Linux:/usr/bin/google-chrome
macOS:”/Applications/Google Chrome”
Windows:”C:Program Files (x86)GoogleChromeApplication” ^

Frequently Asked Questions about ssh socks5

About the author


If you 're a SEO / IM geek like us then you'll love our updates and our website. Follow us for the latest news in the world of web automation tools & proxy servers!

By proxyreview

Recent Posts

Useful Tools