User Tools

Site Tools


socks_proxy

If you want to send us your comments, please do so. Thanks
More on comments


Socks proxy

Aim

  1. Start a ssh session from the client on the server without the need of entering a username and password
  2. Set up a socks proxy. This can be used with a webbrowser, e-mail client and any other application that supports a socks proxy

ssh login with key

Create a ssh key pair on the client and on the server for user: user

ssh-keygen -t rsa

Aim: Creating the needed directories
Copy the contents of the file on the client

$HOME/.ssh/id_rsa.pub

to the file

$HOME/.ssh/authorized_keys

of user user on the server. If this file does not exist, create it

touch $HOME/.ssh/authorized_keys
chmod 644 $HOME/.ssh/authorized_keys
chown user:user $HOME/.ssh/authorized_keys

The oontents of the file should look like

ssh-rsa 43oGoYovNuG4nxeBKTxIbk327PzusRYzWPUlBr2vjTUF9dQuAiJRbM4JDMlvjIP9f0Bdp85rWDuiRtOfWQEGqWELIvR78ZQb0A63cxx89AVV5hqGb9Filtw3hhw0hHYszcV1egkxFfeT2QUkOBHi3EPmNCfRKyxwaJq1mUp9HbLXV0bsBMhg1kw81UKX057qdhoGmwTqm1u8YiqJK1kUPBlYrgJyuHBGgz7RAJhYsyTNZBRzTsu7KUlXYxNGzXtNECbWW81z5RjqrBc4yKv1P7hTL0WUZcFND0Etbp5Mm2O2qhgvzU9giAdqv0NVqvMrcneLLDu1XjjrfSuzFGGqpEqgocasO88qObcuUiHgUozzIJ user@hostname

Test if it works. Log in on the server with (replace hostname with IP if hostname does not work)

ssh user@server_hostname

Start the socks proxy

Start the socks proxy on the server by running on the client

ssh -D 1080 user@server_hostname

If you have set the ssh port to a different number, for security reasons for example, use

ssh -D 1080 -p <port> user@server_hostname

Do not close the termial, it would end the socks-proxy connection
Configure the socks-proxy on the client

  • Linux Mint: “Network”, “Network Proxy”
  • Mozilla Firefox: Edit | Preferences | Advanced | Network | Settings | Manual proxy configuration | SOCKS | Host: | server_hostname or server_IP and the port number 1080 (in the second field. Also select SOCKS v5
  • xfce from the command line: See table below
CLI actionConfigurationRemark
Set up connectionssh -p <port> -D 1080 <user>@server_IP
On xfce install one ofconnect_proxyConfigure in $HOME/.ssh/config or for all users in /etc/ssh/ssh_config
On xfce install one ofproxychainsConfiguration in /etc/proxychains.conf Can also be in current directory or $HOME
On xfce install one oftsocksConfiguration in /etc/tsocks.conf
On xfce configure/etc/environment if needed. See example at tsocks below

Issues

Work in progress

  • Does not run with Firefox
  • Does not run with connect-proxy
  • Does not run with proxychains

tsocks

Run

. tsocks -on
tsocks -show

which should result in something like

LD_PRELOAD="/usr/lib/libtsocks.so"

If we then run

tsocks links2 www.duckduckgo.com

We get error

14:46:40 libtsocks(14257): Connection needs to be made via default server but the default server has not been specified. Fallback is 'no' so coudln't establish the connection.

And in the popup window

Error loading http://www.duckduckgo.com Connection refused

Set

/etc/environment

to, beware, some applications do not support wildcards (well)

no_proxy=127.0.0.1,*.local.com
NO_PROXY=127.0.0.1,*.local.com
no_proxy=localhost,127.0.0.0/8,*.local
NO_PROXY=localhost,127.0.0.0/8,*.local
all_proxy=socks://socks_proxy_server_hostname:8080
ALL_PROXY=socks://socks_proxy_server_hostname:8080
http_proxy=http://socks_proxy_server_hostname:8080
HTTP_PROXY=http://socks_proxy_server_hostname:8080
ftp_proxy=http://socks_proxy_server_hostname:8080
FTP_PROXY=http://socks_proxy_server_hostname:8080  
https_proxy=http://socks_proxy_server_hostname:8080
HTTPS_PROXY=http://socks_proxy_server_hostname:8080

To activate these settings log of and log in again

Errors

ssh login

Could not resolve hostname

When login with

ssh user@server_hostname

results in

ssh: Could not resolve hostname server_hoatname: Name or service not known

maybe the server_hoatname is not in the local DNS hostsfile of the client. Try

ssh user@server_IP

Socks proxy

Connection timed out

When

ssh -D 1080 user@server_hostname

results in

ssh: connect to host server_hostname port 22: Connection timed out

the solution might be that the ssh port on the server is on an other port number. Check what the ssh prot number is on the server and try

ssh -D 1080 -p <port> <user>@<hostname>

The authenticity of host .. can't be established

When

ssh -D 1080 -p <port> <user>@<hostname>

results in

The authenticity of host '[<hostname>]:<port> ([127.0.1.1]:<port>)' can't be established.
ECDSA key fingerprint is <fingerprint>.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[<hostname>]:<port>' (ECDSA) to the list of known hosts.
<user>@<hostname> password:
Permission denied, please try again.
<user>@<hostname> password:

the solution might be using an IP address in stead of a hostname

user@server_IP

Proxychains

proxychains traceroute some_domain

DNS timeout

ProxyChains-3.1 (http://proxychains.sf.net)
|DNS-request| some_domain
|S-chain|-<>-127.0.0.1:8080-<--timeout
|DNS-response|: some_domain is not exist
some_domain: Unknown error
Cannot handle "host" cmdline arg `some_domain' on position 1 (argc 1)

How to configure proxy settings on Linux XFCE?
How do I set systemwide proxy servers in Xubuntu, Lubuntu or Ubuntu Studio?
Proxy settings


Main subjects on this wiki: Linux, Debian, HTML, Microcontrollers, Privacy

RSS
Disclaimer
Privacy statement
Bugs statement
Cookies
Copyright © : 2014 - 2024 Webevaluation.nl and the authors
Changes reserved.

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
socks_proxy.txt · Last modified: 10-07-2020 22:11 by wim