This Port Forward configuration example will describe how to tunnel your web browsing traffic via an SSH server.

This can be useful for privacy reasons, if you'd like to prevent your mobile carrier or wifi operator from being able to monitor your web traffic. 

All traffic sent between your Android device and your SSH server (including DNS requests) will be encrypted via the SSH protocol.


Requirements

  • A Pro license for JuiceSSH, enabling Port Forwarding functionality.
  • Firefox browser installed on your Android device (currently SOCKS not supported with Chrome or the stock browser).
  • An SSH server named ssh.mydomain.com which is listening on port 22 (change as appropriate).

Instructions

  1. Create your SSH Connection
    1. In the full connection list, hit New Connection.
    2. Enter the address ssh.mydomain.com.
    3. Ensure the connection has a valid Identity containing a username and a password or private key.
    4. Add a nickname and assign the connection to groups if you wish.
    5. Hit Save, and test that your new connection connects successfully.
  2. Create your Port Forward Profile
    1. From the full connection list, swipe left and hit New Port Forward.
    2. Enter the following details:
      1. Name: My SOCKS Tunnel
      2. Connection: ssh.mydomain.com (or nickname)
      3. Mode: SOCKS (Dynamic)
      4. Port (from): 5000 (or any other locally available port between 1024-65535)
      5. Hit Save. 
      6. Here is an example:


  3. Make it accessible, if desired, by adding a home screen shortcut (long press item in list) or the JuiceSSH widget.
  4. Activate the profile and check for the active profile's notification.
  5. Configure firefox to use the SOCKS proxy
    1. In the firefox URL bar, type 'about:config' and press enter to access advanced settings
    2. Search for 'socks' and set the following settings:
      1. network.proxy.socks = 127.0.0.1
      2. network.proxy.socks_port = 5000
      3. network.proxy.socks_remote_dns = true

        firefox_socks_settings.png


    3. Search for 'proxy.type' and set the following setting:
      1. network.proxy.type = 1





  6. Open up firefox and go to a site like http://www.geoiptool.com/
  7. Check that the IP & location are that of your SSH server:



  8. When finished, use the notification, home screen widget/shortcut or full port forward list to disable the profile again.