How To Set up a SOCKS Proxy Using Putty & SSH

How To Set up a SOCKS Proxy Using Putty & SSH

If you ever find yourself in front of a public computer connected to the Internet and 
are concerned about the security of the path between you and a website you wish to 
visit, a SOCKS proxy can come in handy.
SOCKS proxies generally allow you to “bounce” a TCP connection off another server 
transparently– basically instructing another computer to make a connection on your 
behalf. When used in combination with Secure Shell (SSH), it can form an encrypted 
tunnel that insulates you from anyone attempting to grab traffic off the wire.
The following is a simple step-by-step tutorial about how to do this.
You will need:

 -Putty SSH client:
 -An account on an Internet-accessible server that accepts SSH connections and allows 
connection forwarding (enabled by default)
 -A popular web browser or other software that supports SOCKS communications

Step 1:
 Fire up Putty and navigate to the Session Category

Step 2:
 Enter the hostname/IP address and port of the server on which you have an account.

 (Note: The default SSH port is 22)
This tells Putty how to connect to the SSH server.

Step 3:
 Under the SSH->Tunnels Category

 Enter the following:

Source port: 8888 (or any port of your choosing. Just be sure to remember what it is)
Destination: hostname/IP address of the server on which you have an account
Also, select the “Dynamic” radio button.
This tells Putty that, upon a successful connection, a SOCKS tunnel should be opened 
from a port on the computer you are using to the SSH server.

Step 4:
 Click “Add”
The forwarded port is now added to the connection settings.

Step 5:
 Click “Open” to start the connection
Putty will ask for your login credentials. In most cases, this will be a username and 
At this point, your Putty-enabled SOCKS proxy should be active. But how do we test it 
out? Keep reading…
Step 6:
 Fire up your web browser and navigate to its proxy connection properties menu.
For Firefox 3, it is in Tools->Options->Advanced->Network(tab)->Connection, Settings

Step 7:
 Find the SOCKS settings text box and enter the following:
Proxy Address/Host: localhost OR
Port: 8888 (or whatever port you decided to use in Step 3)
 Ensure SOCKS Version 4 is selected
might not work correctly.)

Step 8:
 Click “OK” until you’re back to your browser.
Go to and check your IP address. It should be different from the 
machine you’re on. In fact, it SHOULD be the IP address of the SSH server (or whatever 
machine is handling its connections).

Step 9:
 Pat yourself on the back. Or have your buddies do it for you– they’ll no doubt be 
impressed by your newfound computer skills. Enjoy browsing the web using your own 
personal SSH proxy.

NOTE: Although this could be useful when using a public computer– it won’t protect you 
due diligence when using untrusted computers.

What's Your Reaction?