SSH SOCKS proxy is one of the way to have a secure tunnel for web browsing. It’s comes handy when we need to do secure browsing in a public network such as in a public WiFi environment, as the traffic between our host and the proxy is encrypted .

For this to work, we need to have an SSH server somewhere that we want to tunnel our traffic to, and an SSH client at our host.

Creating an SSH SOCKS tunnel is as simple as running the following command;

$ ssh -D 8080 user@proxy-address

The following command assumes we have a user account with the username user at the server with the address proxy-address, and 8080  is our local port to be used for the tunnel.

The next step is to configure our web browser to use the tunnel. To do it in Firefox on Linux, choose Edit in the menu and click on Preferences (or Tools->Options in Windows). Then choose Advanced tab and click on the Network tab. Click the Settings button next to the Configure how Firefox connects to the internet text, and fill up the SOCKS proxy information as the following;

That’s just it, and from this point forward Firefox will tunnel all the browsing traffic through our SOCKS proxy, and the end server will see our traffic coming from our SOCKS proxy server. This can also be considered as a VPN as servers in our proxy server’s network can be accessed with their internal adresses.