2 min read

Configuring a SOCKS proxy on Mac or Linux desktop

Configuring a SOCKS proxy on Mac or Linux desktop
Photo by Livi Po / Unsplash

Today there was a need at work to "tunnel" through the firewall and get to an external address without having to purchase a server to spin up a VPN service. The easiest way to do that is to use one of the servers that we have externally to create a SOCKS proxy.

Here's how you do that. On my Mac the first thing you need to do is open the terminal. The next step is to use the following command to create the ssh connection to the server.

ssh -i KEY -D PORT_NUMBER -f -C -q -N USERNAME@SERVER_IP_ADDRESS

For me the -i is needed due to having a key required and the server doesn't accept passwords for authentication. The rest of the flags that are required are:

  • -f - This flag backgrounds the ssh command.
  • -i - Tells ssh to use an identity file (private key) for the authentication.
  • -C - Uses compression for the data that is being transferred during the session.
  • -q - This tells ssh to execute in quiet mode.
  • -N - This tells ssh not to execute remote commands. This is useful for just forwarding ports (i.e. SOCKS proxy).

Once the command is running you can use the ps aux | grep -i ssh to see what ssh sessions are running. In order to kill the process you need the pid from that command and then you can use kill (pid) to stop the process.

Now for the browser, in order to setup the SOCKS proxy I will let you figure out what to do because Safari, Firefox and any Chrome (Chromium) browser has a different way of setup. For Firefox, I use a utility called Foxy Proxy. This plugin makes switching the proxy on and off extremely easy.

Once all that is setup, you can now just surf the internet as usually but you will be exiting the internet from your remote machine and not the local network that you are on. This is a way to bypass the firewall restrictions that you may have in place at work or evade any other restrictions that may be in your way.

As always, if you have questions or feedback about anything I say please email me.