Using Firefox with a Putty SSH tunnel as a SOCKS proxy

Hi,

The reason I wanted to do this one was viewing a site from an American IP address rather than an Australian. I tested this on my Bluehost account, and it worked perfectly. Here are the instructions:

1. Work out how to connect to your server. You’ll need Putty (available at http://www.chiark.greenend.org.uk/~sgtatham/putty/) – from the Session screen, put in your hostname, most likely port 22 for SSH, make sure SSH is selected as the connection type and click ‘Open’ at the bottom of the screen. If you can log in to that, then the SSH component works and you’re good to go for the rest of this.

2. From Putty, go down to Connection > SSH > Tunnels. From this area, add in a source port (I’ve chosen 9870 but this can be any unused port), and choose ‘Dynamic’. Then click ‘Add’ and you’ll get an entry under “Forwarded Ports”:


3. Go back to Session and connect to SSH. You can save your session to load later rather than retyping the details:

putty2
4. Click “Open” and log onto your SSH session. You only need to log on with your credentials and get to a bash prompt.

5. Open Firefox, and go to the website http://whatismyip.com – take note of your external IP address, because this should change once you’re tunnelling through SSH.

6. In Firefox, press the ‘alt’ key to bring up the top menu and go into Tools > Options. Under the “Advanced” area, go to the “Network” tab and in the “Connection” area click the “Settings” button.

firefox17. Choose the “Manual proxy configuration” radio button, and under SOCKS Host enter “127.0.0.1” and the port you entered into Putty (in my case it’s 9870). Make sure SOCKS v5 is selected.

firefox2

8. Press OK twice to get back to the main view of the Firefox Browser. Try again to get to http://whatismyip.com – if all is working, you’ll see a different IP address which is from the server you’re SSH’d to. If something isn’t configured correctly, you’ll more likely see a browser error like “The proxy server is refusing connections”.

That’s it! Handy for Australians to get access to different web content and pricing.

Update: BobGrrl on twitter has mentioned another two options, free but requiring someone you know to help you at the other end. http://openvpn.net is where you can get it, so a good free opensource solution pending you’re nice enough to someone in another country!

If you want to do this with BlueHost yourself, sign up here:

There’s a bunch of other stuff you get, not just proxy access 🙂

Update 19/11/2013: This has been tested under Windows 8.1 and worked perfectly. If you do any of the above settings wrong (like putting in 127.0.0.1 as your HTTP proxy rather than SOCKS Host) it probably won’t work. Also make sure your forwarded port from the very first step is still there, if you close putty and re-open it may not remember those settings.

32 thoughts on “Using Firefox with a Putty SSH tunnel as a SOCKS proxy

  1. Hi, Thanks you for this solution,
    But it does not work for me, it is may be due to the server side configuration.
    Does the server side only need an OpenSSH server?
    Thank you, in advance.

    1. What part is failing, are you unable to make the putty connection or unable to browse websites once established?

      1. I believe OpenSSH is all you need, so you may need to check with your server hoster to make sure they don’t block proxy access – some will do this.

      2. It’s my roommates synology. We have checked to make sure it’s configured correctly and I can access it via putty but for whatever reason it gives us a connection reset on every attempt to use the Web.

      3. There’s not much to the config, so I’d be pretty confident it’s the synology setup somehow – but not knowing it I can’t really say much to help sorry.

  2. Unfortunately, it seems Firefox, foxyproxy, myentunnel and plink no longer work correctly in windows 8.1.
    “Fowareded port closed” “Nothing left to send closing channel” among a host of other log entries

    1. Sorry I’ve taken a while to get back to this, but I’ve just fully tested under Windows 8.1 and the above method works. There must be something else going on for you to have this issue.

  3. To be complete, change the network.proxy.socks_remote_dns setting to true via about:config in Firefox. That way, Firefox will let the socks server make the DNS lookups instead of doing the locally.

    1. That does make it more complete, but I can’t think of any reason why I’d want one or the other – should get the same DNS results from the public internet. Maybe if you were aiming to leave no trace of your local IP anywhere at all looking up the ip address of a domain name? Any other reason you can think of?

      1. My ISP redirect the failed DNS attemps to myisp.com/errorpage/here_is_some_crap
        So I’d rather use the remote DNS server to get genuine DNS failures.

  4. Thank you for your post. I confirm it is working on Windows 8.1. You just need to pay attention and select Dynamic and Auto (instead of IPv4, etc) when you add the Tunnelled Port in Putty.

Leave a Reply