Thursday, May 21, 2009

SSH Tunneling Proxy using Putty on Windows and Linux (Unblock YouTube / Orkut / Facebook)

SSH Tunneling?

SSH Tunneling is the method by which, requests from our local system is encapsulated in an SSH session and forwarded to a remote computer, which then sends the requests as if they originated from the remote computer.

Using this method we can set up Socks (V5) Proxies to access websites. This method is used for anonymous browsing as well as for accessing Blocked sites within the local network, such as Orkut, Facebook, YouTube or any other website, you name it :).

On Windows
Setting up an SSH Tunnel on Linux is obvious and I will describe it anyway, but lets see how it is done on Windows first. For Windows you need

  • Putty
  • A Browser

That's about it. Putty is a free software you can download for free.

Next run "Putty.exe", You can see a screen as shown below:



In the Hostname (or IP Address) textbox, provide the IP or Domain of the SSH server. You can get some free SSH servers out there on the internet, try searching for "Free SSH Servers", I am not posting any servers in particular because, I dont see any servers out there that will be there forever. Still there will always be some free servers, Good for us :)...

Next on the left hand side tree, Click on SSH and make sure it appears as in the screen shot below. Watch out for Compression and SSH Version.



Next click on Tunnel Button, and Fill up the source port as 9090 (Can be any port > 1024, Just remember this number, I used 9090) and Click on the Dynamic Option Below, These are highlighted below:



  • After doing these Click the Add Button.
  • Now click on the Tree View on the left side, the top most item, "Session"
  • In Saved Session enter a name and Press Save.
  • Now click Open.

Now a Window should open, and you have to login with your username and password. That's it with the Putty part. :)

Next time you run putty, you just have to double click the saved name from the list of Saved Sessions. No need to follow the above step. Next we have to configure the Browser to use this proxy.

On Linux (Or Cygwin on Windows)
Run the command
ssh -C2qTnN -D 9090 username@remote_machine.com


Setting up the Browser

Firefox
On linux take Edit > Preferences
On Windows take Tools > Options



Click on Advanced > Network Tab > Settings. (Illustrated Above)
Now you get a window as shown below, and fill the settings as shown below.



Manual Proxy Settings
Blank out all other Text Fields
Socks Host: localhost
Port : 9090 (or the one you specified earlier)
Check Socks v5 Option.

Click on Ok and again Ok (in the options Window)

Internet Explorer And Google Chrome
Take Start Menu > Control Panel > Internet Options


Click on Connections Tab > Lan Settings (Highlighted in Figure Above)



Check use a proxy server and click advanced.



Now fill up Socks as localhost, and Port 9090 or the one you gave earlier.
Click Ok and Ok and Ok as needed :)

That's all Enjoy Browsing :)...
Visit "www.orkut.com" "www.facebook.com" and verify that your proxy connection does work..
:)

21 comments:

Arun Prabhakar said...

Please note that the SSH Server should be outside your home network !
:)

dwoo said...

This doesn't work for Google Chrome or MSIE since they don't use Socks 5.

This works fine for Mozilla Firefox.

dwoo said...

The connection to Mozilla Firefox is perfect.

I cannot get this to work on Google Chrome or MSIE which use Socks 4.

Arun Prabhakar said...

It does work for Chrome or IE, if you set the Internet Options right.

dwoo said...

Arun,

I must be doing something incorrectly then.

I'm behind a firewall on the corporate network.

I use a tunnel to connect to my remote server using 9090 as my port.

The only connections I am able to get are those that support Socks 5. I have Mozilla working fine and also Azureus, which both support Socks 5.

Is there something in my server settings, perhaps, that only recognizes Socks 5?

jc said...

will this pass through DNS queries?

Arun Prabhakar said...

By default no, but on firefox you can turn it on.

Goto about:config

set network.proxy.socks_remote_dns option to true

Anonymous said...

I can't get firefox to connect... However, in Cygwin when I put the command in and it asks me for the password of the SSH account, I type it in and nothing happens. Is it supposed to do something? I am connected in my actual SSH client but nothing happens in Cygwin.

Arun Prabhakar said...

Nothing would happen on cygwin, did you set the correct proxy in firefox ? localhost:9090 ?

Anonymous said...

Yes, I set up everything exactly how the guide said. It just could not get a connection. I just don't see what I'm doing wrong.

sapto said...

Hi its for u Arun i know how to config putty , can u please tell me one free SSH server (USA) which i can register and use with putty.ASAP.

Tanner said...

Thanks for this!

Got my squid server running & needed to let someone know how to connect to it.

Hopefully it's working & he'll be able to get around the Great FireWall of China!

Anonymous said...

I cant make putty to connect through my company proxy server. I tried to fill in proxy name and port no.(3128)-copied from firefox settings, and tried ticking different proxy type radiobuttons, but I either got "connection refused" or "403:forbidden" or blank window without login prompt.
Any suggestions anyone?
Thanks.

Arun Prabhakar said...

where is putty trying to connect to ?
is there an SSH account ?

Anonymous said...

I am trying to use ssh tunnel to play WoW through ssh "wowtunnels" server. I also tried "proxytunnel" free app(which is said can be used together with putty), and I got this readout:

Tunneling to proxy1.wowtunnels.com:80 (remote proxy)
Communication with local proxy:
-> CONNECT proxy1.wowtunnels.com:80 HTTP/1.0
-> Proxy-Connection: Keep-Alive
-> User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)\n
<- HTTP/1.0 403 Forbidden
HTTP return code: 403 Forbidden
<- Server: squid/3.0.STABLE18
<- Mime-Version: 1.0
<- Date: Wed, 07 Oct 2009 06:02:39 GMT
<- Content-Type: text/html
<- Content-Length: 1485
<- X-Squid-Error: ERR_ACCESS_DENIED 0
<- X-Cache: MISS from ***.***.**
<- Via: 1.0 ***.**.** (squid/3.0.STABLE18)
<- Proxy-Connection: close

Arun Prabhakar said...

Apparently the squid proxy on your company has denied the request. The ssh server should not be black listed by the proxy :)

Anonymous said...

You mean, that proxy is blocking all connection towards any ssh server, or that just some IP addresses are blacklisted? If the first is true, then I am done with any ssh tunnelling, right?

Arun Prabhakar said...

Wow Tunnels are blocked by the proxy, you should be able to access the internet using SSH.

Anonymous said...

Let me make sure i'm doing this right: I'm using chrome, and on the options -> change proxy settings -> lan settings dialog, if I have the "socks" field filled in with localhost:9090, i should not have http/https/ftp fields filled in, correct? because it seems to not work if those are filled in.

Marcus said...

Thanks for this guide!

toto said...

thanks !!!!