November 9, 2017

Create your own SOCKS5 proxies using SSH and Putty


Sometimes, we need to browse a site with our browser without anybody interfering or watching what we do. For example, we want a visit a site that blocks certain countries based on their IP range. If we set a server that has an IP that is “allowed”, we can use that server to serve as intermediary,so requests seems to come from the server’s IP address  and not our(client’s) IP address. So it looks like this;


It would be the same as if we would like to buy an apple from the store(or anything else you can fancy), but we don’t want anybody to know. We could call a boy, whisper him what we want, and he would go to a store and buy an apple with the money we gave him. He would bring an apple to us, and nobody would know for whom he bought an apple for.

You have probably heard of or used a proxy server like Squid, which accepts client requests for a web page, fetches the web page for user,and then sends the requested page back to the client. It has fancy features such as client authentication, list of banned or allowed IP, even bandwidth throttling.

And then, there is something called SOCKS protocol which actually makes a tunnel via  a proxy server,through which our requests are directed. It reaches the proxy server, which gets the web page on client’s behalf,and hands it back to him.It is not limited to HTTP traffic only, like Squid proxy server, but can proxy any TCP traffic. It has older version 4 and new version 5, which support some new capabilities, like client authentication,UDP packages and server-side named resolution. I will show how to set a SOCKS5  connection using a linux server in the cloud and your browsers.



You need to have a VPS server available in the cloud,which you can access via SSH (you need an IP and root user’s password).I use VPS provider DigitalOcean, because of it’s simplicity and multiple available Linux distributions, it’s versions, and different 32/64 versions for some of them. For this tutorial, I choose CentOS 6.9, x64 version, but I have also tested it on Ubuntu 14.05 x64 and it works without any modification. I


In Windows, we can easily  set an SSH tunnel by using a well-known SSH client called Putty.Putty can be downloaded from this site:


You can download it as portable application or install it.Whatever you choose, you should start it,and at the initial screens,as host name enter your server’s IP, here it is,as Saved Session enter DigitalOcean,and in settings on the left side, Connections->SSH->Tunnels like at the picture

In the source port, enter any high port (1024 to 65535).We can enter any high port in Source Port field, I chose 3333 for no particular reason.

Click Add and change Destination from local to Dynamic.


Click Open to start the connection, enter the password for user root

The tunnel is now set,and putty should not be closed, only minimized.


Using firefox web browser, we should (depending on a version) choose to modify proxy settings,in my version …

Choose Manual proxy and fill only SOCKS Host



For chrome(my version is 62),click Settings->Advanced at the bottom at the screen, then Open Proxy Settings,and when Internet Properties screen opens, click LAN Settings and fill the Socks field with localhost:3333.

Configuring chrome to use this proxy will also set the proxy for Opera and Internet Explorer. Firefox is different in a sense that configuring it doesn’t change system-wide settings as other browsers do.



Now, without closing Putty,try to browse the net,for example google.com.If you can, that means that the setup is working. To really see that we are browsing the Net using our server’s IP instead of  our computers, let’s visit a page https://whatsmyip.com/,which will show us the IP address from which we are accessing it. It shows:

If we close the Putty session and try to browse google.com,we’ll get: