The reason I wanted to do this one was viewing a site from an American IP address rather than an Australian. I tested this on my Bluehost account, and it worked perfectly. Here are the instructions:
1. Work out how to connect to your server. You’ll need Putty (available at http://www.chiark.greenend.org.uk/~sgtatham/putty/) – from the Session screen, put in your hostname, most likely port 22 for SSH, make sure SSH is selected as the connection type and click ‘Open’ at the bottom of the screen. If you can log in to that, then the SSH component works and you’re good to go for the rest of this.
2. From Putty, go down to Connection > SSH > Tunnels. From this area, add in a source port (I’ve chosen 9870 but this can be any unused port), and choose ‘Dynamic’. Then click ‘Add’ and you’ll get an entry under “Forwarded Ports”:
3. Go back to Session and connect to SSH. You can save your session to load later rather than retyping the details:
4. Click “Open” and log onto your SSH session. You only need to log on with your credentials and get to a bash prompt.
5. Open Firefox, and go to the website http://whatismyip.com – take note of your external IP address, because this should change once you’re tunnelling through SSH.
6. In Firefox, press the ‘alt’ key to bring up the top menu and go into Tools > Options. Under the “Advanced” area, go to the “Network” tab and in the “Connection” area click the “Settings” button.
7. Choose the “Manual proxy configuration” radio button, and under SOCKS Host enter “127.0.0.1” and the port you entered into Putty (in my case it’s 9870). Make sure SOCKS v5 is selected.
8. Press OK twice to get back to the main view of the Firefox Browser. Try again to get to http://whatismyip.com – if all is working, you’ll see a different IP address which is from the server you’re SSH’d to. If something isn’t configured correctly, you’ll more likely see a browser error like “The proxy server is refusing connections”.
That’s it! Handy for Australians to get access to different web content and pricing.
Update: BobGrrl on twitter has mentioned another two options, free but requiring someone you know to help you at the other end. http://openvpn.net is where you can get it, so a good free opensource solution pending you’re nice enough to someone in another country!
If you want to do this with BlueHost yourself, sign up here:
There’s a bunch of other stuff you get, not just proxy access :)
Update 19/11/2013: This has been tested under Windows 8.1 and worked perfectly. If you do any of the above settings wrong (like putting in 127.0.0.1 as your HTTP proxy rather than SOCKS Host) it probably won’t work. Also make sure your forwarded port from the very first step is still there, if you close putty and re-open it may not remember those settings.
37 thoughts on “Using Firefox with a Putty SSH tunnel as a SOCKS proxy”
Hi, Thanks you for this solution,
But it does not work for me, it is may be due to the server side configuration.
Does the server side only need an OpenSSH server?
Thank you, in advance.
What part is failing, are you unable to make the putty connection or unable to browse websites once established?
Unable to browse websites once established
I believe OpenSSH is all you need, so you may need to check with your server hoster to make sure they don’t block proxy access – some will do this.
It’s my roommates synology. We have checked to make sure it’s configured correctly and I can access it via putty but for whatever reason it gives us a connection reset on every attempt to use the Web.
There’s not much to the config, so I’d be pretty confident it’s the synology setup somehow – but not knowing it I can’t really say much to help sorry.
You don’t have to use an ssh client or re-configure firefox. There are tools like ProxyCap that will take care of everything:
Unfortunately, it seems Firefox, foxyproxy, myentunnel and plink no longer work correctly in windows 8.1.
“Fowareded port closed” “Nothing left to send closing channel” among a host of other log entries
Sorry I’ve taken a while to get back to this, but I’ve just fully tested under Windows 8.1 and the above method works. There must be something else going on for you to have this issue.
I can confirm the technique works under windows 8 and 8.1.
Thanks for confirming Digital Droid!
im from Ghana what should i do
I can’t think of a funny response for this, so what are you trying to do? Where are you stuck?
I’ve been looking for an non complicated guide, this is perfect and works flawlessly. Thanks
Glad to hear it, thanks for the feedback.
But how to open port on ssh server from putty ?
See if this guide helps you? http://www.inmotionhosting.com/support/website/general-server-setup/how-to-open-a-port-in-your-firewall
To be complete, change the network.proxy.socks_remote_dns setting to true via about:config in Firefox. That way, Firefox will let the socks server make the DNS lookups instead of doing the locally.
That does make it more complete, but I can’t think of any reason why I’d want one or the other – should get the same DNS results from the public internet. Maybe if you were aiming to leave no trace of your local IP anywhere at all looking up the ip address of a domain name? Any other reason you can think of?
Another reason someone would want to do this is to circumvent DNS based forms of censorship.
My ISP redirect the failed DNS attemps to myisp.com/errorpage/here_is_some_crap
So I’d rather use the remote DNS server to get genuine DNS failures.
Thank you for your post. I confirm it is working on Windows 8.1. You just need to pay attention and select Dynamic and Auto (instead of IPv4, etc) when you add the Tunnelled Port in Putty.
Glad to hear it worked for you, thanks for sharing!
It works on my Win 7 Pro. Thanks.
Proxy like a Boss!
Excellent post. Works perfectly on Windows 10. Just made my life a lot easier, thanks :-)
This worked perfectly! Thanks
This article is EXTREMLY useful.
I would never guessed, that SOCKS address have to be entered, not PROXY.
Glad to have helped!
Very helpful to still have a UK presence whilst over in the US. My ssh makes a connection over ipv6 and seems to be tunneling ipv4 and ipv6 over this quiet happily. I’m also using Digital Droid’s suggestion to tunnel the DNS requests.
Glad to hear it, thanks for sharing!
I am connecting to a server, which has no display associated with it, so I get the following error:
`$ firefox http://whatismyip.com`
`Error: no display specified`
this seem not work anymore, look like Bluehost changed. I used to do same thing with this years ago, now I am buy a new shared hosting package from bluehost – get a SSH shell access, and alway got “Connection reset…” when visit any web sites.