How to encrypt SOCKS5 traffic

sockssocks-proxysshssh-tunneltunnel

When I use my laptop in open Wi-Fi networks I want to tunnel all my TCP/IP traffic through a SOCKS5 server running on my VPS.

I'm using Windows 7 and Proxifier in order to tunnel ALL traffic through the VPS. Now unfortunately SOCKS5 is unencrypted and I want to have encryption. So my question is how can I encrypt the traffic to the SOCKS5 server? Maybe in combination with SSH?

I know I could just make a SSH tunnel, but this way I couldn't use a tool like Proxifier, that tunnels ALL traffic. With SSH tunnel I would have to tell every application to use SSH tunnel.

Best Answer

Tell Proxifier to use your SSH tunnel as an upstream SOCKS proxy:

your system <--> Proxifier <--> SSH dynamic forwarding (SOCKS) <--> VPS

To make a SOCKS tunnel through SSH, you can use its "dynamic forwarding" feature:

ssh you@your.vps.example.com -D 12345

which opens the SSH connection, and then opens a local port 12345 to operate as a SOCKS proxy, forwarding its traffic through the remote VPS (the same functionality is present in Windows SSH clients, e.g. PuTTY).

Related Solutions

Redirect all SSH traffic through a “middleman” server

Another way is to use netcat as an ssh proxy command. Append this to the file ~/.ssh/config on Host sourcehost:

Host targethost
    ProxyCommand ssh -q viahost nc -q0 C 22

Then ssh targethost on Host sourcehost should tunnel via Host viahost. Rsync etc. should also work. Consider to use ControlMaster like this:

ControlMaster auto
ControlPath $HOME/.ssh/tmp/%h_%p_%r

Linux SSH – Extending an SSH SOCKS5 Proxy to the Far Endpoint

ssh -L localhost:1080:localhost:1080 my-username@host-ssh-jump-server -t 'ssh -N -D localhost:1080 root@host-server'

Best Answer

Related Solutions

Redirect all SSH traffic through a “middleman” server

Linux SSH – Extending an SSH SOCKS5 Proxy to the Far Endpoint

Related Question