• Home
  • The Song
  • The Avatar
  • The Cat
  • Contact the Cat

Gyp the Cat dot Com

Using SSH as a SOCKS VPN on Mac OS
internet

Using SSH as a SOCKS VPN on Mac OS

This post seems to follow on from my previous post regarding a quick and easy proxy server on Ubuntu!  And sticks with the proxy theme quite nicely.

I’ve come across a couple of corporate VPN solutions that appear to open a SSH tunnel for the VPN and push all traffic down it accordingly.  Sometimes it’s very useful to be able to test routing from a remote source, or to give your users a cheap and quick VPN.  (As well as in this case the VPN and Firewall provider didn’t provide a native Mac VPN client.)

There is two different ways in which I use this system and a version for Windows users with PuTTY may following soon!

Using SSH as a SOCKS Proxy & VPN

Advantages: Secure and safe, encrypted tunnel, can be used with every application installed, cane be used for services other than HTTP.
Disadvantages: It doesn’t look as ‘nice’ as a proper VPN client.

Instructions

On your Mac open Terminal (Applications – Utilities – Terminal), and you’ll want to use the following syntax:

ssh -D 8080 [username]@[IP address or hostname]

If your SSH port is on a different port you’ll need the following:

ssh -D 8080 -p [port number] [username]@[IP address or hostname]

An example could be:

ssh -D 8080 [email protected]

Now change your SOCKS proxy, open up System Preferences (Applications – System Preferences), Network.

On the following box click Advanced.

Network Control Panel on Mac
Network Control Panel on Mac

In the next box that pops up you’ll want to tick the SOCKS Proxy option, and put the following entry in the text box 127.0.0.1 port 8080, like this:

Mac SOCKS Server Panel
Mac SOCKS Server Panel

And now all your applications that are using the setting in the control panel will be able to use the VPN session, just don’t shut down the Terminal window, that is where the magic is happening!

 

Using SSH as a Secure HTTP Proxy

Advantages: Sometimes you don’t want all your traffic going in through a SSH tunnel, just specific HTTP traffic will do.

Disadvantages: Again firewall rules may impede your ability to do this and you can only go to one site at a time!

Instructions

On your Mac open Terminal (Applications – Utilities – Terminal), and you’ll want to use the following syntax:

ssh -L 2222:[website address]:[port] [username]@[IP Address or hostname]

An example could be:

ssh -L 2222:www.companya.com:80 [email protected]

Now this method is far easier, you don’t need to make any settings in your System Settings, just open up a web browser and point it to:

http://127.0.0.1:2222

Related

Written by gyp - June 21, 2011 - 15241 Views
Tags | mac, proxy, socks, ssh

You Might Also Like

Quick & Easy Nginx Load Balancer with Backend

September 16, 2013

A Tinyproxy Transparent Installation on Ubuntu 12.04 with HTTPS Support

October 8, 2012

How to Create a Websense Content Gateway (WCG) on CentOS

August 24, 2015

12 Comments

  • Boggy-Boy June 21, 2011 at 4:13 pm

    I’m struggling with this one. I have a Linux box sat on the Internet, I can connect to it fine, but when I use it as a socks all my requests time out. Any ideas?

    Reply
    • gyp June 21, 2011 at 6:47 pm

      It sounds like your Linux server may not be allowing outbound connections once you’ve established the connection. Firstly I’d be making sure there are no firewall rules blocking your outbound connections, try running the command below to see if it sheds any light.

      iptables -L

      Reply
      • Caro June 30, 2011 at 6:04 pm

        Yup, that’ll do it. You have my aprepcitaion.

        Reply
  • MAc July 24, 2011 at 8:39 am

    I tend to travel around quite a bit, and going through a hotels/airport/restaurant Wifi doesn’t fill be with complete confidence in that my informtation is secure. Connecting though my linux machine is a great highly secure way to make sure everything is secure and safe. Plus it means I can catch up on iPlayer while I’m away lol.

    Reply
  • Escaping the firewall with an SSH tunnel, SOCKS proxy, and PuTTY | Admiration Security News - Security Like A Professional August 21, 2011 at 5:33 pm

    […] SSH client installed by default, so you can simply create an SSH tunnel by opening a terminal and typing in a long command. Alternatively, you can grab a GUI-wrapped app like SSH Tunnel Manager (Mac App […]

    Reply
  • How to Secure phpMyAdmin on Ubuntu | Gyp the Cat dot Com February 17, 2012 at 2:33 pm

    […] already familiar with creating an SSH tunnel so thought if I tied everything down to localhost only, it meant that any attackers would first […]

    Reply
  • Using SSH for VPN in mac « darkhydrogen June 4, 2012 at 8:35 pm

    […] http://www.gypthecat.com/using-ssh-as-a-socks-vpn-on-mac-os    (1) open terminal. type in  $ ssh -D 8080 [email protected]_address then enter the password    (2) System Preferrences -> Network -> Advanced -> Proxies -> SOCKS Proxy  SOCKS Proxy Server : 127.0.0.1 port : 8080    Click OK.    NB: the terminal window has to be opened all the time. If the terminal window is closed, there is no internet.            Share this:TwitterFacebookLike this:LikeBe the first to like this post. Categories Uncategorized […]

    Reply
  • Use SSH as VPN in Mac | darkhydrogen June 4, 2012 at 8:46 pm

    […] SSH as VPN in Mac Posted on June 4, 2012 by darkhydrogen I am following this link below: http://www.gypthecat.com/using-ssh-as-a-socks-vpn-on-mac-os     (1) open terminal. type in $ ssh -D 8080 [email protected]_address then enter the password   […]

    Reply
  • Use SSH as VPN in Mac | darkhydrogen June 4, 2012 at 8:50 pm

    […] I am following this link below: http://www.gypthecat.com/using-ssh-as-a-socks-vpn-on-mac-os     (1) open terminal. type in $ ssh -D 8080 [email protected]_address then enter the password   […]

    Reply
  • Use SSH as VPN in Mac | darkhydrogen June 4, 2012 at 8:56 pm

    […] SSH as VPN in Mac Posted on June 4, 2012 by darkhydrogen I am following this link below: http://www.gypthecat.com/using-ssh-as-a-socks-vpn-on-mac-os   (1) open terminal. type in $ ssh -D 8080 [email protected]_address then enter the password    […]

    Reply
  • Escaping the firewall with an SSH tunnel, SOCKS proxy, and PuTTY March 8, 2014 at 6:44 am

    […] SSH client installed by default, so you can simply create an SSH tunnel by opening a terminal and typing in a long command. Alternatively, you can grab a GUI-wrapped app like SSH Tunnel Manager (Mac App Store / Linux). […]

    Reply
  • Alfredo Schwartz June 2, 2020 at 3:28 pm

    Thanks for your guide. You lessened my worries. Now I can easily configure it for use.

    Reply
  • Please Post Your Comments & Reviews
    Cancel reply

    Your email address will not be published. Required fields are marked *

    Previous Post
    Next Post

    Latest Posts

    • Kusto Geolocation IP Lookup
    • Monitoring Tor Usage in Azure Sentinel, ASC, MDATP and ALA
    • HTTP to HTTPS Redirect on Azure CDN
    • Strongswan IPSec (Including Cryptomap) to Microsoft Azure Virtual Network Gateway
    • Black Ops 3 NAT Type Strict & PS4 NAT Type 3 with pfSense Fixed!
    • Sorry for the lack of posts
    • How to Block Internet Access with Group Policy (GPO)
    • Enforcing Microsoft Office 365 and Azure Tennancy with McAfee Web Gateway (MWG)
    • Scanning Subnet for Issuing Certificate Authority with OpenSSL
    • How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi

    Top Posts & Pages

    • How to Block Internet Access with Group Policy (GPO)
      How to Block Internet Access with Group Policy (GPO)
    • How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi
      How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi
    • Kusto Geolocation IP Lookup
      Kusto Geolocation IP Lookup
    • Tinyproxy A Quick and Easy Proxy Server on Ubuntu
      Tinyproxy A Quick and Easy Proxy Server on Ubuntu
    • Monitoring Tor Usage in Azure Sentinel, ASC, MDATP and ALA
      Monitoring Tor Usage in Azure Sentinel, ASC, MDATP and ALA
    • How to DNSPerf on Ubuntu 14.04 with Installation and Quick Start
      How to DNSPerf on Ubuntu 14.04 with Installation and Quick Start
    • How to Add Different Disclaimers using alterMIME and Postfix based on Domain
      How to Add Different Disclaimers using alterMIME and Postfix based on Domain
    • Blocking Countries on Nginx without the GeoIP Module
      Blocking Countries on Nginx without the GeoIP Module
    • How to Enable Squid Anonymous Stealth Mode
      How to Enable Squid Anonymous Stealth Mode
    • Configuring Suite B, VPN-A and VPN-B in IPSec with Strongswan
      Configuring Suite B, VPN-A and VPN-B in IPSec with Strongswan

    Tags

    apache2 azure azure log analytics blops business centos cheating cissp cloudflare cryptography dns game google gyp internet iphone ipsec isc linux mac marketing microsoft mw2 mx mysql nginx pfsense postfix proxy ps3 qualification radius revision security seo smtp socks squid ssh strongswan tinyproxy ubuntu windows 2012 wordpress xdecrypt.com
    Gyp the Cat dot Com

    Some rights retained Gyp the Cat Dot Com