Use Dedicated Server as Proxy with SSH Tunneling

Leveraging Your VPS for Secure and Private Internet Access

Previously, the advantages of utilizing a virtual private server (VPS) hosting account were discussed. These benefits include enhanced speed and the capacity to host numerous websites. Furthermore, optimal performance can be achieved through the configuration of W3 Total Cache, facilitated by the installation of specific Apache caching extensions.

This article details how a VPS can also function as a private Internet proxy server, enabling secure online browsing.

This capability is particularly valuable in regions like China, where many commercial proxy services are no longer operational. The following provides a comprehensive guide on establishing your VPS as a private proxy.

Clarifying Key Considerations

Before proceeding, several points require clarification.

Compatibility with Hosting Types

The implementation of this method relies on SSH (Secure Shell) access, often referred to as command-line access. Consequently, it is generally compatible with dedicated or virtual dedicated hosting accounts.

However, some shared hosting providers may offer SSH access; therefore, consulting your provider’s support documentation is recommended.

Legality and Acceptable Use

This setup should not be used for illegal activities such as downloading torrents or engaging in other illicit practices. All traffic is routed through your server’s IP address, making any actions traceable back to your hosting account.

Moreover, utilizing this method for bandwidth-intensive activities like torrenting can rapidly deplete your monthly hosting allowance, potentially increasing costs.

Motivations for Utilizing a Private Proxy

A primary reason for employing this technique is to obtain an alternative IP address when accessing websites. This is especially useful when encountering location-restricted content that blocks access from certain countries.

In situations where a country actively blocks access to common proxy providers – as is currently the case in China – this method provides a means to bypass censorship and conduct online activities without constant surveillance by restrictive firewalls.

The described approach allows users to tunnel outside of restrictive countries and continue their online activities without having every data packet scrutinized.

Establishing SSH Connectivity on Windows

The setup process for SSH on Windows is somewhat more involved compared to operating systems like macOS or Linux. Utilizing SSH requires the installation of a dedicated client application; this guide will demonstrate using PuTTY. Begin by downloading the core putty.exe executable file.

Upon launching PuTTY for the initial time, several configurations must be specified. The server domain is the first required input. If multiple domains are configured within your hosting account, any of them can be used, provided they support SSH access. Remember that login credentials are specific to each domain.

It is strongly advised against logging in with the root account, even if it has been enabled.

Configuring PuTTY

Follow these steps to configure your PuTTY session:

• Enter the server domain in the designated field on the primary screen.
• Select the SSH category in the left-hand navigation panel. Ensure that compression is activated.
• Expand the SSH section to reveal advanced settings. Navigate to the Tunnels sub-section.
• Within the Tunnels screen, input '9090' as the Source Port and set the Destination type to Dynamic.
• Return to the main session screen where you initially entered the domain name.
• Assign a descriptive name to your configuration in the 'Saved Sessions' field, then click 'Save'. This allows for quick reloading of your settings in subsequent sessions.
• Finally, click the Open button to initiate the connection.

Please note that PuTTY does not offer password saving functionality, necessitating re-entry of your username and password with each connection attempt. Some users may encounter difficulties pasting their password; if this occurs, try entering it character by character.

The first connection attempt may trigger a security warning regarding certificate authenticity. This can be safely disregarded and the connection should be continued.

With the PuTTY connection established and maintained, you can proceed to configure your web browser.

Leaving the PuTTY connection active is crucial for the subsequent browser configuration steps.

Establishing an SSH Connection on Linux/macOS

To begin, launch your terminal application and enter the subsequent command:

ssh -C2qTnN -D 9090 username@yourdomain.com

Upon successful password authentication, the process is complete. It is important to maintain the terminal window open during the browser configuration stage.

Understanding the SSH Command

The command utilizes several flags to establish a secure connection. These flags optimize the connection for tunneling and proxying.

• -C: Enables compression, improving transfer speeds.
• -2: Specifies the SSH protocol version 2.
• -q: Activates quiet mode, suppressing most warning and diagnostic messages.
• -T: Disables pseudo-terminal allocation.
• -n: Prevents reading from standard input.
• -N: Indicates that no command will be executed on the remote host.
• -D 9090: Sets up a dynamic application-level port forwarding, using port 9090 as the local listening port.
• username@yourdomain.com: Specifies the username and domain address of the remote server.

This configuration effectively creates an SSH tunnel, allowing you to route your internet traffic through the remote server.

Browser Configuration

With the SSH tunnel active, you must now configure your web browser to utilize the proxy. This directs your browser’s traffic through the secure tunnel.

The specific configuration steps vary depending on your browser. Generally, you will need to locate the proxy settings and specify a SOCKS proxy with the address localhost and port 9090.

Once configured, all your browser traffic will be routed through the SSH tunnel, enhancing your online privacy and security.

Browser Configuration for Proxy Use

This guide details how to configure your web browser to utilize a SOCKS5 proxy. The fundamental step involves modifying the connection settings to point to localhost on port 9090.

The following instructions cover configuration for Internet Explorer and Firefox specifically.

Internet Explorer Setup

Navigate to Tools, then select Internet Options. Proceed to the Connections tab.

Ensure the Use a proxy server checkbox is ticked. Subsequently, click the Advanced button.

Populate the SOCKS proxy address field with localhost and the port field with 9090. Only these fields should be modified.

Firefox Configuration

Access Preferences, then navigate to Advanced. From there, select Network, then Settings, and finally Proxies.

Choose Manual proxy configuration. Enter the SOCKS Host and port details accordingly.

For users of operating systems like OsX, a system-wide network configuration is available. This approach impacts all applications, including web browsers.

This option will also be presented if you attempt to adjust Chrome proxy settings on OsX.

From System Preferences, select the relevant network interface (e.g., Ethernet).

Within the proxies tab, enable the SOCKS proxy and input the required details in the provided fields.

The process of setting up a proxy connection is relatively straightforward. This method can be implemented with any remote Linux computer.

However, this demonstration highlights the advantages of utilizing a private host over shared hosting, and the capabilities of basic Linux commands.

It is crucial to use this method responsibly and legally. Any illicit activities can be traced back to your hosting account, and this setup does not guarantee complete anonymity.

Image Credit: ShutterStock