Using SSH as a SOCKS VPN on Mac OS
This post seems to follow on from my previous post regarding a quick and easy proxy server on Ubuntu! And sticks with the proxy theme quite nicely.
I’ve come across a couple of corporate VPN solutions that appear to open a SSH tunnel for the VPN and push all traffic down it accordingly. Sometimes it’s very useful to be able to test routing from a remote source, or to give your users a cheap and quick VPN. (As well as in this case the VPN and Firewall provider didn’t provide a native Mac VPN client.)
There is two different ways in which I use this system and a version for Windows users with PuTTY may following soon!
Using SSH as a SOCKS Proxy & VPN
Advantages: Secure and safe, encrypted tunnel, can be used with every application installed, cane be used for services other than HTTP.
Disadvantages: It doesn’t look as ‘nice’ as a proper VPN client.
Instructions
On your Mac open Terminal (Applications – Utilities – Terminal), and you’ll want to use the following syntax:
ssh -D 8080 [username]@[IP address or hostname]
If your SSH port is on a different port you’ll need the following:
ssh -D 8080 -p [port number] [username]@[IP address or hostname]
An example could be:
ssh -D 8080 [email protected]
Now change your SOCKS proxy, open up System Preferences (Applications – System Preferences), Network.
On the following box click Advanced.
In the next box that pops up you’ll want to tick the SOCKS Proxy option, and put the following entry in the text box 127.0.0.1 port 8080, like this:
And now all your applications that are using the setting in the control panel will be able to use the VPN session, just don’t shut down the Terminal window, that is where the magic is happening!
Using SSH as a Secure HTTP Proxy
Advantages: Sometimes you don’t want all your traffic going in through a SSH tunnel, just specific HTTP traffic will do.
Disadvantages: Again firewall rules may impede your ability to do this and you can only go to one site at a time!
Instructions
On your Mac open Terminal (Applications – Utilities – Terminal), and you’ll want to use the following syntax:
ssh -L 2222:[website address]:[port] [username]@[IP Address or hostname]
An example could be:
ssh -L 2222:www.companya.com:80 [email protected]
Now this method is far easier, you don’t need to make any settings in your System Settings, just open up a web browser and point it to:
12 Comments
I’m struggling with this one. I have a Linux box sat on the Internet, I can connect to it fine, but when I use it as a socks all my requests time out. Any ideas?
It sounds like your Linux server may not be allowing outbound connections once you’ve established the connection. Firstly I’d be making sure there are no firewall rules blocking your outbound connections, try running the command below to see if it sheds any light.
Yup, that’ll do it. You have my aprepcitaion.
I tend to travel around quite a bit, and going through a hotels/airport/restaurant Wifi doesn’t fill be with complete confidence in that my informtation is secure. Connecting though my linux machine is a great highly secure way to make sure everything is secure and safe. Plus it means I can catch up on iPlayer while I’m away lol.
[…] SSH client installed by default, so you can simply create an SSH tunnel by opening a terminal and typing in a long command. Alternatively, you can grab a GUI-wrapped app like SSH Tunnel Manager (Mac App […]
[…] already familiar with creating an SSH tunnel so thought if I tied everything down to localhost only, it meant that any attackers would first […]
[…] http://www.gypthecat.com/using-ssh-as-a-socks-vpn-on-mac-os (1) open terminal. type in $ ssh -D 8080 [email protected]_address then enter the password (2) System Preferrences -> Network -> Advanced -> Proxies -> SOCKS Proxy SOCKS Proxy Server : 127.0.0.1 port : 8080 Click OK. NB: the terminal window has to be opened all the time. If the terminal window is closed, there is no internet. Share this:TwitterFacebookLike this:LikeBe the first to like this post. Categories Uncategorized […]
[…] SSH as VPN in Mac Posted on June 4, 2012 by darkhydrogen I am following this link below: http://www.gypthecat.com/using-ssh-as-a-socks-vpn-on-mac-os (1) open terminal. type in $ ssh -D 8080 [email protected]_address then enter the password […]
[…] I am following this link below: http://www.gypthecat.com/using-ssh-as-a-socks-vpn-on-mac-os (1) open terminal. type in $ ssh -D 8080 [email protected]_address then enter the password […]
[…] SSH as VPN in Mac Posted on June 4, 2012 by darkhydrogen I am following this link below: http://www.gypthecat.com/using-ssh-as-a-socks-vpn-on-mac-os (1) open terminal. type in $ ssh -D 8080 [email protected]_address then enter the password […]
[…] SSH client installed by default, so you can simply create an SSH tunnel by opening a terminal and typing in a long command. Alternatively, you can grab a GUI-wrapped app like SSH Tunnel Manager (Mac App Store / Linux). […]
Thanks for your guide. You lessened my worries. Now I can easily configure it for use.