Collected knowledge for myself and anyone interested

SSH Tunneling

You need your own server where you can connect with SSH as a prerequisite for ssh tunneling. For this purpose you can use “Amazon Web Services Free Tier EC2 instances” or “Google Cloud Platform Free Tier – Compute Instances

We will use a port for the tunneling and use our SSH connection for SOCKS proxy.

While connecting I am selecting port 8080. Here is the command:

$ ssh -i amazon.pem [email protected] -D 8080

For putty users in Windows the command is below. You also need to convert the amazon.pem key to ppk format using PuTTYgen.exe.

C:\Program Files (x86)\PuTTY> putty -i amazon.ppk [email protected] -D 8080

So as you can see we just added “-D 8080”. Now we will switch to our browser settings to use it as a SOCKS proxy. I will show the example in Firefox. You can use your favorite browser.

In Firefox goto Preferences –> Advance –> Network –> Settings. After that you need to enter the details below:

ssh tunneling

After that lets see if it works fine. Open URL  to see what is your IP and its location. Here are my details:

ssh tunneling 2

Normally I am located in Istanbul-Turkey; however my location and IP seems to be in US. Now you are free to surf cencored sites and your company firewall cannot log your browsing history.

For the IT people and administrators:

If you want to prevent SSH tunneling the best way to deny it is by application control (Layer 7). If you only deny port 22 it is easy to use any port for ssh and your users can change their SSH server settings. For example they can use 80 and 443 ports to connect their SSH server. If you do not have application control in your firewall I suggest to upgrade or switch to a better device.

Next: SSH Tunneling over HTTPS