How to setup SOCKS proxy

February 25, 2014 51.6k views
I've squid-proxy installed on my droplet and HTTP proxy works just fine. However there are some apps that ask for SOCKS proxy. Is there any standard SOCKS server that's easy to setup (really easy)? Or sth that I can install just with an apt-get? I have seen many blog posts using this "ssh -D 8080 root@" and then a "curl --socks5-hostname" actually shows that the network is using this proxy. So, does a DO droplet come pre-installed with a SOCKS server? Or is it OpenSSH? If the answer to above is "yes" then can I use it in my applications? If yes, running the "ssh -D .. " in a terminal and then using it doesn't seem to be comfy. So, how can I use a SOCKS server that is running on my droplet all the time and I can use with various applications - just like my squid HTTP proxy works? tl;dr: I need to have a SOCKS proxy server on my droplet running all the time so that I can use it some applications (e.g. LimeChat) and I want simple setup and non-complex configuration (great if I can get sth Zero Config).
1 comment
3 Answers

SOCKS proxies can be created without any special SOCKS proxy software if you have OpenSSH installed on your server and a SSH client with dynamic tunnelling support installed on your client computer.

Since you're talking about LimeChat, I'm assuming you're running Mac OS. To create a SOCKS proxy or dynamic SSH tunnel in Mac OS you'll need to open up the Terminal (Applications >> Utilities >> Terminal)

Once there type and press enter:

ssh -D 10000 user@<IP Address or Domain of your DigitalOcean VPS>

Now, enter your password and make sure to leave the Terminal window open. You have now created a SOCKS proxy at localhost:10000. Only close this window if you wish to disable your local SOCKS proxy.

Now, you can now configure any software to proxy through your DigitalOcean VPS by telling it to use localhost:10000. Optionally, you can configure your system to use this SOCKS proxy for all outgoing connections.

To forward your IRC connections in LimeChat through your DigitalOcean VPS (warning you might get DDoS'd) edit Server Properties > Details (see LimeChat Proxy Preferences) Enter localhost for the SOCKS server and 10000 for the port.

To forward all connections in Mac OS X through your DigitalOcean VPS Go to 'Preferences' >> 'Advanced' >> 'Settings…' >> 'Manual proxy configuration'. Enter localhost for the SOCKS server and 10000 for the port. (see Setting up a SOCKS proxy in Mac OS X

One caveat is that some applications cannot correctly forward DNS requests through this local SOCKS proxy (i.e. they cannot talk the SOCKS v4a or SOCKS v5 protocol.) If that's the case you'll can either email the upstream developer and ask for a bugfix/ SOCKS5 support, switch applications, or use an intermediate proxy client that is able to speak SOCKS 5 such as Polipo or Privoxy.

SOCKS is an internet protocol and you don't need to install anything on the server other than an, of course, an ssh server which is a given since this is a cloud server. The more pressing issue is usually client-side software since you need to be able to open an ssh connection as well as open a local port on the device you want to use the SOCKS proxy on. If your on a computer its simple, on a phone or tablet its a bit more difficult, and on an embedded device it can get complicated really quick. On a computer you can just use Putty on Windows or the Terminal on a MAC or LINUX machine. Its just basically just an SSH tunnel to the server and on the client side a "SOCKS Proxy" is just the application (i.e. Firefox web browser) port forwarding all traffic through the ssh tunnel. The trick is finding a client side application that can both open a remote ssh connection, open a local port, then forward network traffic through it, and of course the application your using needs to support SOCKS proxies as well but it sounds like allready have that... In the end the difficulty all depends on the what you need to do and as a pice of further advice just google "SSH Tunnel" there are a lot of things you can do with it. As a side note the last part of the comand you posted above is just an example of how to manually route the network traffic form a LINUX terminal command through a SOCKS Proxy "(n this case curl) "curl --socks5-hostname"
You can browse the web securely using a Droplet with SSH access as a SOCKS 5 proxy end point. In this tutorial we'll use a Ubuntu 14.04 Droplet as the proxy, and the Firefox web browser as the client application. By the end of this tutorial you should be able to browse websites securely through an SSH tunnel.
Have another answer? Share your knowledge.