Create #SOCK4 or #SOCK5 #Proxy in a Second on #Linux

Krishnendu Paul

Dec 9, 2021 2 min read

My home country is India, but presently I stay in Stockholm. So, many times I face the issue like some Indian sites are not opening / blocking or not accesible from Sweden IP ( EU restriction or some other "Security" features ). Also, there are few sites in Sweden which are not accesible from Indian IP, when I am in India. So, always in a need of VPN / Proxy in both locations. But, to be honest, I really don't want to burn my pocket every month for a mere VPN, as it required only few times a month.

So, was thinking of a #Lazy and cheap way to deploy a VPN or Proxy for short time. Suddenly I thought why not using SSH itself to do that ! Checked man page and found -D option, obvioysly we used before for SSH tunneling or other purpose.

     -D [bind_address:]port
             Specifies a local “dynamic” application-level port forward‐
             ing.  This works by allocating a socket to listen to port on
             the local side, optionally bound to the specified
             bind_address.  Whenever a connection is made to this port,
             the connection is forwarded over the secure channel, and the
             application protocol is then used to determine where to con‐
             nect to from the remote machine.  Currently the SOCKS4 and
             SOCKS5 protocols are supported, and ssh will act as a SOCKS
             server.  Only root can forward privileged ports.  Dynamic
             port forwardings can also be specified in the configuration
From SSH Man Page

So, if you are using following command on your system , it will open a sock5 proxy on mentioned port till the command is running ( until you press CRTL+C ) .

ssh -N -D localhost

Added -N for security, as -N means

 -N      Do not execute a remote command.  This is useful for just
             forwarding ports.

But, remember, it is not secure by default ( it can not be added with login / pass for the proxy, so open to all ). Though you can create an iptables rules to allow only your IP.

Please remember , it is just a quick way to solve your purpose of accessing some local site for shorter period. Now, how to get a server locally - be creative :-) .  ( Do you know amazon , oracle , google cloud give 1 micro instance for free per account on your choosen zone ?  )

Do you need a long term solution and a full fledge VPN or proxy ? Check dante for socks and openvpn to setup your own VPN on your own server or VM.

Now client side, on browser  - I use Firefox and this plugin is very handy to setup proxy per tab - Container proxy . Surely you can find some plugin for your daily browser.

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.