RT Cunningham


Using an SSH Tunnel on Windows, Linux Mint and Android

SSH tunnel An SSH tunnel is often called a poor man’s VPN (virtual private network) but that’s not right. An SSH tunnel doesn’t reroute all connections like a VPN.

The way I set up an SSH tunnel on Windows and Linux Mint can probably be duplicated with any Linux desktop distribution (such as Ubuntu desktop). With Android, it’s a bit different. In any case, any cheap VPS with root access can be used for tunneling through SSH.

Secure SSH before Setting up an SSH Tunnel

The standard port being used for SSH is 22. If you want to thwart the people attempting to break into it, you should read what I wrote about hardening my server.

In short, move the port, allow access only to specific IP address ranges and use public key authentication instead of a password.

Use a Good SSH Client

For Windows and Linux Mint (a Debian/Ubuntu derivative), I prefer PuTTY. You can download it for Windows and it’s in the Ubuntu repository. I’m not a command-line commando, so I prefer using a client like this.

At startup (the Session settings), enter your server’s host name or IP address and the new SSH port number. In the Connection/Data settings, enter your “Auto-login username” unless you want to type it in every time you connect. In the Connection/Auth settings, enter the “Private key for authentication”.

Go to the Connection/SSH/Tunnels settings and enter any port number you’re not using for something else in the “source port”, click the Dynamic radio button and click the “Add” button. Go back to the Session settings and save it. Don’t overwrite “Default Settings”.

Almost any closed port will work. I like the simple ones, like 1080 or 8080.

For Android, I prefer ConnectBot, which you can find in the Google Play Store. It’s pretty straightforward. You just have to remember the settings and save them to use the next time. Don’t ask me about IOS because I haven’t a clue.

A Web Browser Extension as an SSH Tunnel Proxy

You can’t do it on Android without editing a web browser configuration file. I found out how to do with it with Firefox but not Chrome.

The FoxyProxy extension works on both desktop versions of Chrome and Firefox. In the manual configuration options, make sure you use as the host address and enter the SSH tunnel port number. Also make sure “SOCKS proxy” and “SOCKS v5” are selected.

Your SSH client has to be connected before the proxy can be used. You can check your IP address by using the whatsmyip service (or just by typing “whatsmyip” in the Google search box) to see if your IP address changes.

Why use an SSH Tunnel?

I live in the Philippines and a lot of websites block the Philippines. It’s kind of hard to do research when I’m blocked. My server is in the United States. If I use an SSH tunnel, I no longer have that problem.

I use it when I don’t want my exact location tracked without going completely anonymous, especially when I’m traveling.

Google search results returned in the Philippines differ from those returned in the United States. I understand you can do some fancy URL maneuvering to get around it, but using an SSH tunnel is so much easier.

Before I switched my website from HTTP to HTTPS, I used to restrict access to the administrative back-end to my SSH tunnel. It was painful.

Share: Facebook | Twitter

By RT Cunningham
August 11, 2016