Using SSH as a SOCKS VPN on Mac OS

This post seems to follow on from my previous post regarding a quick and easy proxy server on Ubuntu, and sticks with the proxy theme quite nicely.

I’ve come across a couple of corporate VPN solutions that appear to open an SSH tunnel for the VPN and push all traffic down it accordingly. Sometimes it’s very useful to be able to test routing from a remote source, or to give your users a cheap and quick VPN. (In this case, the VPN and firewall provider also didn’t provide a native Mac VPN client.)

There are two different ways in which I use this system, and a version for Windows users with PuTTY may follow soon!

Using SSH as a SOCKS Proxy & VPN

Advantages: Secure and safe, encrypted tunnel, can be used with every application installed, can be used for services other than HTTP.
Disadvantages: It doesn’t look as ‘nice’ as a proper VPN client.

Instructions

On your Mac open Terminal (Applications – Utilities – Terminal), and you’ll want to use the following syntax:

ssh -D 8080 [username]@[IP address or hostname]

If your SSH server listens on a different port you’ll need the following:

ssh -D 8080 -p [port number] [username]@[IP address or hostname]

An example could be:

ssh -D 8080 [email protected]

Now change your SOCKS proxy: open up System Preferences (Applications – System Preferences), then Network.

On the following box click Advanced.

Network Control Panel on Mac

In the next box that pops up you’ll want to tick the SOCKS Proxy option, and enter 127.0.0.1 as the server and 8080 as the port, like this:

Mac SOCKS Server Panel

And now all your applications that are using the setting in the control panel will be able to use the VPN session. Just don’t shut down the Terminal window; that is where the magic is happening!
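
The steps above can also be scripted. This is an added example, not code from the original post: it starts the same ssh -D tunnel bound to loopback only, switches the macOS SOCKS proxy with networksetup, and undoes both again. The service name Wi-Fi, the control-socket path and the up/down wrapper are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. SERVICE, PORT, CTL and the
# user@host target given on the command line are assumptions.
SERVICE="${SERVICE:-Wi-Fi}"                 # macOS network service name
PORT="${PORT:-8080}"                        # local SOCKS port used in the post
CTL="${CTL:-$HOME/.ssh/socks-tunnel.ctl}"   # control socket (path without spaces)

# Print the ssh command for the tunnel; return 1 for an invalid port.
tunnel_cmd() {
    case "$2" in ''|*[!0-9]*) return 1 ;; esac
    [ "$2" -ge 1 ] && [ "$2" -le 65535 ] || return 1
    # -D 127.0.0.1:PORT     listen on loopback only, so other machines on the
    #                       local network cannot use the proxy
    # -N                    forward only, no remote shell
    # -f                    go to the background once authenticated
    # ExitOnForwardFailure  exit with an error if the port is already in use
    printf 'ssh -f -N -M -S %s -D 127.0.0.1:%s -o ExitOnForwardFailure=yes -o ServerAliveInterval=30 %s' "$CTL" "$2" "$1"
}

# Print the networksetup command(s) that switch the system SOCKS proxy.
proxy_cmds() {
    case "$1" in
        on)  printf 'networksetup -setsocksfirewallproxy "%s" 127.0.0.1 %s\n' "$SERVICE" "$PORT"
             printf 'networksetup -setsocksfirewallproxystate "%s" on\n' "$SERVICE" ;;
        off) printf 'networksetup -setsocksfirewallproxystate "%s" off\n' "$SERVICE" ;;
        *)   return 1 ;;
    esac
}

up() {
    cmd=$(tunnel_cmd "$1" "$PORT") || { echo "invalid port: $PORT" >&2; return 1; }
    $cmd || { echo "tunnel did not start" >&2; return 1; }
    eval "$(proxy_cmds on)"
    # --socks5-hostname makes the server do the DNS lookup as well.
    curl -s -o /dev/null --socks5-hostname "127.0.0.1:$PORT" https://example.com \
        && echo "tunnel is carrying traffic"
}

down() {
    eval "$(proxy_cmds off)"                # stop pointing apps at a dead port
    ssh -S "$CTL" -O exit "$1"              # close the background tunnel
}

# Usage: sh socks-tunnel.sh up user@host   |   sh socks-tunnel.sh down user@host
case "${1:-}" in
    up)   up "${2:?user@host required}" ;;
    down) down "${2:?user@host required}" ;;
esac
```

Because the tunnel runs in the background with -f, no Terminal window has to stay open; run the down command to switch the proxy off and close the tunnel.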

Using SSH as a Secure HTTP Proxy

Advantages: Sometimes you don’t want all your traffic going in through an SSH tunnel, just specific HTTP traffic will do.

Disadvantages: Again firewall rules may impede your ability to do this and you can only go to one site at a time!

Instructions

On your Mac open Terminal (Applications – Utilities – Terminal), and you’ll want to use the following syntax:

ssh -L 2222:[website address]:[port] [username]@[IP Address or hostname]

An example could be:

ssh -L 2222:www.companya.com:80 [email protected]

Now this method is far easier: you don’t need to make any settings in your System Settings, just open up a web browser and point it to:

http://127.0.0.1:2222

11 Comments on "Using SSH as a SOCKS VPN on Mac OS"

  1. Boggy-Boy says:

    I’m struggling with this one. I have a Linux box sat on the Internet, I can connect to it fine, but when I use it as a socks all my requests time out. Any ideas?

    • gyp says:

      It sounds like your Linux server may not be allowing outbound connections once you’ve established the connection. Firstly I’d be making sure there are no firewall rules blocking your outbound connections, try running the command below to see if it sheds any light.

      iptables -L

  2. MAc says:

    I tend to travel around quite a bit, and going through a hotel/airport/restaurant Wifi doesn’t fill me with complete confidence in that my information is secure. Connecting through my linux machine is a great highly secure way to make sure everything is secure and safe. Plus it means I can catch up on iPlayer while I’m away lol.
