How to Bypass Network Filters With an SSH Tunnel

Can’t get to Facebook or your other favorite sites on the Internet from work because the network admins are blocking you with a proxy? You might be able to get around these restrictions by implementing an SSH tunnel.

[ad code=2 align=center]

An SSH tunnel will keep your connection secure, protect your passwords and bypass any restrictions on the sites you visit.

Here’s how you do it.

• Step 1: Get an SSH account on an external webserver. Many web hosting companies will also allow you to have an SSH account in addition to your web hosting access. Usually this is free or just a few bucks more per month.
• Step 2:  Get Putty from here.  Putty is a great SSH and Telnet client.  It is also the software that allows for a local computer like yours to tunnel connections to your SSH server.
• Step 3:  Configure Your Tunnel.  Once Putty is installed, you need to configure your connection to your SSH server.  Type in the hostname of your SSH server or your server’s IP address.  Then, in the left, expand the SSH tree and click on Tunnels.  Click the Dynamic radio button and put 80 in the Source port box like this:

  

  Then click on add.  D80 should now be listed in the Forwarded ports box.  Now click back on Session at the top of the tree and give this session a name and click save.  Now open the session and login to your SSH server.

• Step 4:  Configure Your Browser.  Every web browser has the capability to use a proxy.  What you want to do is configure your browser to use your own machine as a SOCKS proxy.  With Firefox, you do this by clicking on Tools, then Options.  Click the Network Tab and then click the settings button.  You should see this screen:

  

  Click the Manual Proxy Configuration button.  For SOCKS Host, type in localhost and set the port to 80.  Make sure the SOCKS v5 button is checked too.  Then click OK and you are done.  You should now have a working tunnel.

To test whether the tunnel is working, go to a site such as WhatismyIP.com.  The IP address displayed at the top of that page should be the IP of your SSH server, not your corporate firewall or company proxy server.

If this does not work, it may be due to restricted SSH outbound access in your organization, or there is a local workstation controlset that prohibits you from changing your proxy settings.  And remember, if you do this, you may be violating corporate policy, which could get you fired, so use at your own risk.