Own proxy server through SSH tunnel.

by Опубликовано

What could be better than a quality proxy? Only your personal proxy! Proxy server, which was created by hand. Of which you are sure. This is especially important in our time when there is such a trend that convenient and familiar services become paid, but besides this, they become more vulnerable to various attacks and hacks. And now, a convenient and seemingly reliable proxy service can already collect data about you and transfer it to third parties. It would seem that the process is quite natural. If something is of high quality, it usually has to be worth the money. In another way, this “quality” is simply not enough for everyone. But when it comes to quality, we begin to think about what is included in this concept. It seems to us that the main criteria for the quality of a proxy are:

-Anonymity

-Stability

-Working speed

And undoubtedly, a personal proxy server based on an SSH tunnel is exactly what any novice Linux system administrator can get. Since usually, a bunch of servers is at hand, just take it and use it. In general, deploying a proxy on Linux is much easier than on Windows. To create your proxy server on Windows, you need to use software that is more likely to contain viruses and backdoors. Therefore, it is so important to use reliable and trusted sources to find such software.

The need to create your proxy server is dictated by the limits and restrictions of the resources with which we work daily. For example, Netflix or YouTube may give out data and restrictions based on the visitor’s GEO in different ways.

Since the user’s GEO is mainly determined through the IP address, to use such sites and services without problems, it is enough to change your IP. The easiest way to do this is to use free anonymous proxy servers. But it is important to understand that if you are offered something for free, then most likely you are paying for it anyway, you just do not know the price. This can be both your data and a profile of you as a visitor, to whom you can then send a bunch of ads. Such proxies and services can be easily made by making a simple request to Google. Something like “free anonymizers”. But, with a high chance, services have long been aware of such resources and their IPs have long been blocked. Again, each case is unique and perhaps this option will be quite enough for adequate work. What if not?

Let’s see how you can create your personal anonymous proxy server, of course, not for free, but not «for all the money in the world.»

Using SSH to create a tunnel is the easiest and fastest option to create a secure encrypted communication channel. To create such a tunnel, you will need equipment with an SSH server and a second one with an SSH client. SSH technologies are available on almost any server running Linux. Quite recently, Microsoft has added SSH to their operating systems: the OpenSSH server is available on Windows Server 2019 and the client on Windows 10.

The first thing we will need to do is register/buy a server on which this proxy will work. The most popular solution will be VPS/VDS (Virtual Dedicated Server). For the minimum amount of money, you get a «mini» dedicated server. It will not be possible to run something powerful on it, but for our task, even 128Mb of memory and 1 processor are enough. In terms of operating system management, for the most part, it corresponds to a physical dedicated server.

The most important point in buying a VDS for a proxy is to find out in which country this server will be and what traffic channel will be available. In addition, you need to pay attention to the presence of a traffic limit. Some Internet providers limit the amount of traffic that is included in the cost of the server. Therefore, if you plan to watch Netflix through a proxy, then you need to make sure that the traffic is unlimited.

In addition, some hosting providers prohibit the placement of proxy servers on their equipment. It may be worth clarifying this point in support so as not to lose your money.

A popular solution for hosting providers is the Debian OS.

For confident Linux users, the obvious and easy option is to set up a proxy using a 3proxy-based solution. But, now, we will consider an even simpler solution, based on a tunnel through SSH. Since this is an easier way to solve this problem.

Establishing a tunnel through SSH.

Regardless of where you bought/rented the VDS, it will have access to it via SSH, otherwise, it would not be possible to manage the server.

For us to solve our problem — “proxy via SSH”, this very access is enough for us. Usually, such accesses look like this:

IP/Hostname: 123.123.123.123

Login: root / Debian / user

Pass:someStrongPassword

To set up work under Linux, we need to type ssh you_user@123.123.123.123 -D 5555 on the command line, you need

to change “you_user” to a username that exists on your VDS, 123.123.123.123 to the IP address of your server that was given to you by your hosting provider. The main magic is in the -D option, but in order not to confuse and complicate the information, let’s skip the technical details.

Everything remains to configure the browser (Firefox) to work, as it is done in the screenshot, 5555 is the port on which your proxy will work.

To work under Windows, install PuTTY and create a new connection as follows. Run PuTTY, in the Hostname field, and enter the IP address of your VDS, here you can leave the port 22.

Go to the settings tree in Connection->SSH->Tunnels. Enter 5555 in the “Source port”, select “Dynamic” in Destination, then click Add and Open.

and configure the browser (in our example, Internet Explorer 8).

Опубликовано fosy