1

I want to use a server I have as a SOCKS proxy for browsing from my laptop.
According to OpenSSH's man page, you can do that with the opcion -D

-D port
Specifies a local ``dynamic'' application-level port forwarding. This works by allocating a socket to listen to port on the local side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. Currently the SOCKS4 and SOCKS5 protocols are supported, and ssh will act as a SOCKS server. Only root can forward privileged ports. Dynamic port forwardings can also be specified in the configuration file.

So in my server (IP 192.168.0.5) I typed the command:
ssh localhost -D3333
(an SSH connection to itself)

That should make it listen on port 3333.
Then I configured my browser to use the SOCKS proxy 192.168.0.5:3333

However it doesn't seem to work, the browser says it couldn't establish the connection.

What am I doing wrong?
Can this be done with OpenSSH?

MORE INFO:

The output of netstat -aon says:

tcp        0      0 ::1:3333                    :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 :::587                      :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 :::465                      :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 :::21                       :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 :::22                       :::*                        LISTEN      off (0.00/0/0)
tcp        0      0 :::25                       :::*                        LISTEN      off (0.00/0/0)
Improve this question
6
  • do you have the ssh server running on 192.16.0.5 port 22 ? also to do a reverse socks.. like such that you get the socks on the remote end it's a bit involved superuser.com/questions/370930/ssh-reverse-socks-tunnel But at least get the local socks working, the ssh -D as that's what you're trying for now and not managing, and that's simpler than the more involved thing.
    – barlop
    Commented Mar 28, 2014 at 23:41
  • Yes, the SSH service is running of course, I connect to it from my laptop using putty.
    – GetFree
    Commented Mar 28, 2014 at 23:46
  • so presumably you can you do netstat -aon and see a connection established once you connect with putty and that there is listening on port 3333? How about chrome --proxy-server="socks5://192.168.0.5:3333" added- another to try is curl --socks5 192.168.0.5:3333 http://blah (curlis on gnuwin32 or cygwin) Worth trying with 127.0.0.1 too
    – barlop
    Commented Mar 28, 2014 at 23:55
  • I added the output of netstat. Apparently the problem is that it's listening only to localhost and not everyone??
    – GetFree
    Commented Mar 29, 2014 at 0:14
  • I don't really recognize that kind of output that much. i'm used to ipv4 and windows, but if it's only letting localhost connect then you could do *:3333 so I suppose ssh -D *:3333 then it should be open to more than just local host to connect to it. (if that was your problem then that might help) But also why not just try connecting from localhost to localhost.
    – barlop
    Commented Mar 29, 2014 at 0:25

1 Answer 1

Reset to default
4

By default, "ssh -D 3333" will listen on localhost only to avoid others on your network from connecting through your proxy.

If your browser is on the same machine, then you should use 127.0.0.1:3333 as your proxy server.

Otherwise, you can make the ssh dynamic forward accessible to other hosts using:

ssh -D 0.0.0.0:3333 localhost
Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .