SSH Reverse Proxy Tunnel

On occasion I need to test external access to my office or sometimes I’m on public Wi-Fi and want to securely browse the internet without connecting to a VPN. For times like those I use an SSH reverse proxy tunnel to a VPS and Firefox. This routes all of my Firefox traffic through my VPS securely over SSH.

All you need to accomplish this is an SSH server somewhere that you trust and Firefox. Once you have an SSH server up, go through these steps:

  1. SSH into the server with the -D PORT flags
    • ssh -D 4020 user@server
  2. Open Firefox
  3. Check your external IP at https://ifconfig.co
  4. Type about:config
  5. Search for proxy
  6. Set network.proxy.socks to 127.0.0.1
  7. Set network.proxy.socks_port to 4020 (or whatever port you chose)
  8. Set network.proxy.socks_version to 4
  9. Set network.proxy.type to 1
  10. Set network.proxy.socks_remote_dns to true
  11. Check your external IP again at https://ifconfig.co and this time it should be the SSH servers external IP

When you’re done using the tunnel you’ll want to reverse the steps to disable the tunnel and exit the SSH session. If you try to use Firefox with the proxy enabled and the SSH tunnel down, then Firefox won’t be able to connect.

Because I’m lazy and didn’t want to have to configure and unconfigure Firefox everytime I wanted to do this I wrote a script a while ago to configure and unconfigure Firefox for me. You can find the script here.

To use the script- make sure that Firefox is closed. Run python /path/to/fire-proxy --on to configure the proxy in Firefox, then the --off flag to unconfigure the proxy in Firefox.