How can I tunnel my web traffic through an SSH server with SOCKS? : JuiceSSH Helpdesk

How can we help you today?

How can I tunnel my web traffic through an SSH server with SOCKS? Print

Modified on: Sun, 5 Oct, 2014 at 10:46 AM

This Port Forward configuration example will describe how to tunnel your web browsing traffic via an SSH server.

This can be useful for privacy reasons, if you'd like to prevent your mobile carrier or wifi operator from being able to monitor your web traffic.

All traffic sent between your Android device and your SSH server (including DNS requests) will be encrypted via the SSH protocol.

Requirements

A Pro license for JuiceSSH, enabling Port Forwarding functionality.
Firefox browser installed on your Android device (currently SOCKS not supported with Chrome or the stock browser).
An SSH server named ssh.mydomain.com which is listening on port 22 (change as appropriate).

Instructions

Create your SSH Connection

In the full connection list, hit New Connection.
Enter the address ssh.mydomain.com.
Ensure the connection has a valid Identity containing a username and a password or private key.
Add a nickname and assign the connection to groups if you wish.
Hit Save, and test that your new connection connects successfully.

Create your Port Forward Profile

From the full connection list, swipe left and hit New Port Forward.
Enter the following details:

Name: My SOCKS Tunnel
Connection: ssh.mydomain.com (or nickname)
Mode: SOCKS (Dynamic)
Port (from): 5000 (or any other locally available port between 1024-65535)
Hit Save.
Here is an example:

Make it accessible, if desired, by adding a home screen shortcut (long press item in list) or the JuiceSSH widget.
Activate the profile and check for the active profile's notification.
Configure firefox to use the SOCKS proxy

In the firefox URL bar, type 'about:config' and press enter to access advanced settings
Search for 'socks' and set the following settings:

network.proxy.socks = 127.0.0.1
network.proxy.socks_port = 5000
network.proxy.socks_remote_dns = true

Search for 'proxy.type' and set the following setting:

network.proxy.type = 1

Open up firefox and go to a site like http://www.geoiptool.com/
Check that the IP & location are that of your SSH server:
When finished, use the notification, home screen widget/shortcut or full port forward list to disable the profile again.

Did you find it helpful? Yes No

Help Desk Software by Freshdesk