Pages

Saturday, April 30, 2011

How To Use Your Dedicated Virtual Server As An Internet Proxy Using SSH Tunneling

internet proxy serverI explained some of the benefits of having your own virtual private server hosting account a while ago – not only are they faster and able to host many more of your sites, you can also configure W3 Total Cache for optimum performance by installing special Apache caching extensions. Today I’m going to show you how you can also use it as a private Internet proxy server for secure Internet browsing.
This is particularly beneficial in countries such as China, where most commercial proxy solutions have stopped working altogether. Read on for a full explanation of how you can go about using your own VPS hosting account as a private proxy.
First up, a few points to clear up:

Can I Use This Method With My Shared Hosting, Or Does It Need To Be A VPS Or Dedicated Server?

This method uses SSH (secure shell, or “command line” access), so generally that means you can only use it with your dedicated or virtual dedicated hosting account. Some shared hosts do allow SSH access, so search your shared host’s support documents first.

Can I Use This To Download Torrents Or Other Nefarious Illegal Activites?

No. Remember the traffic is being routed through your website / server IP address, so anything you do can be traced back to that. You will also be using part of the bandwidth allocation of your hosting account, so downloading torrents would quickly push up the monthly hosting cost.

So Why Would I Want To Do This?

Sometimes you just want another IP address when you visit a website. This can be especially useful when faced with location-specific sites that block other countries. In other cases, your country may already be blocking access to various well known proxy providers, as is the case in China. The method described here will allow you to tunnel out of the offending country and go about your daily business without having every packet you send being inspected by the great firewall.

Setting Up SSH On Windows

I’ll start with Windows as the process is a little more complicated than on Mac OsX or Linux. In order to use SSH, you’ll need to download a special client software – in this tutorial I’ll use Putty. Go ahead and download the basic putty.exe file.
When you first open Putty, there’s a few settings to fill in. First is your server domain. If you have lots of domains set up on your private hosting account then go ahead and use any of them, but they’ll need to be SSH-enabled and remember that your login/password will be unique to each domain. I don’t suggest using the root account to log in under any circumstances, even if you have enabled it.
  1. Enter the server domain on the first screen.
  2. internet proxy server
  3. Click on the SSH label on the left sidebar. Make sure compression is enabled.
  4. ssh proxy tunnel
  5. Expand the SSH label to reveal additional settings. On the Tunnels screen, enter 9090 as the Source Port and change the destination to Dynamic.
  6. ssh proxy tunnel
  7. Head back up to the sessions screen where you first entered the domain. Enter a name for your settings in the text box below saved sessions, then hit save. You can now click on this saved session in future to reload all your settings.
  8. Finally, hit Open. There is no way to save your password and username, so you’ll need to re-enter these each time you open a connection. I also had problems pasting my password in, so if you do too then try typing it one character at a time. The first time you open the connection, you may get a warning error about authenticity of certificates and such. If so, ignore it and continue.
That’s it for Windows, leave the putty connection open and move onto configuring your browser.
ssh proxy tunnel

Setting Up SSH On Linux / OsX

Open up a terminal, and type the following command,
ssh -C2qTnN -D 9090 username@yourdomain.com
After you’ve typed in your password, that’s it. Leave the terminal open while you go on to configure your browser.
setting up ssh tunnel

Configuring The Browser

I’ll explain a couple of browsers here but basically you just need to change the settings for Connection -> Proxy to be a SOCKS5 proxy, with the url localhost and port 9090.
On Internet Explorer
Click the Tools -> Internet Options -> Connections tab. Tick Use a Proxy server and click Advanced. Fill in ONLY the SOCKS proxy as address localhost and port 9090
setting up ssh tunnel

On Firefox
Open up Preferences -> Advanced -> Network -> Settings -> Proxies. Select Manual proxy configuration. Fill out SOCKS Host and port.
setting up ssh tunnel
Alternatively, if you’re running a decent operating system like OsX, you can change the settings for system wide network access which will affect all browsers apps (this will also be opened for you if you attempt to change Chrome OsX proxy settings). From System Preferences, select your appropriate network interface (in my case, Ethernet). Under the proxies tab, tick to enable SOCKS proxy, then type in the details on the right.
internet proxy server
That’s wasn’t too hard was it? Of course, you could set this up with any remote linux computer really, but I wanted to demonstrate another of the many benefits to having your own private host over slow shared hosting, and just how powerful a few simple linux commands can be.

Remember, don’t do anything illegal with this method, as it can be traced back to your hosting account and is not designed to provide 100% anonymity.

Image Credit: ShutterStock

No comments:

Post a Comment