Skip to content

Instantly share code, notes, and snippets.

@brentjanderson
Created February 20, 2018 17:55
Show Gist options
  • Save brentjanderson/6ed800376e53746d2d28ba7b6bdcdc12 to your computer and use it in GitHub Desktop.
Save brentjanderson/6ed800376e53746d2d28ba7b6bdcdc12 to your computer and use it in GitHub Desktop.
SSH Tunneling with Firefox

Sometimes it is useful to route traffic through a different machine for testing or development. At work, we have a VPN to a remote facility that we haven't bothered to fix for routing, so the only way to access a certain machine over that VPN is via an SSH tunnel to a machine that is reachable over the VPN. Other times, I have used this technique to test internet-facing requests against sites I am developing. It is pretty easy, and if you don't use firefox regularly, you can treat Firefox as your "Proxy" browser and other browsers can use a normal configuration (Although you can also configure an entire system to use the proxy, other articles exists that discuss this potential).

  1. Open a terminal
  2. ssh -ND 9999 [email protected]
  • ssh
  • -N - Do not execute remote commands, just open the connection for forwarding
  • D 9999 - Create a local "dynamic" forwarding port on your local machine, and route all traffic through it to the remote machine via SOCKS v4 or v5
  1. Leave the terminal open, go to Firefox
  2. Open firefox settings, search for "SOCKS" and open the Network Proxy settings button that is now highlighted
  3. Select "Manual proxy configuration"
  4. Enter localhost for the SOCKS host, 9999 for the port, and SOCKS v5 selected. Click "OK" to save it.
  • Leave the HTTP Proxy, SSL Proxy, and FTP proxy fields blank, with port 0 for each
  • If you know what to fiddle with here, consider adjusting the "No proxy for" and "Proxy DNS when using SOCKS v5", if needed

You are now routing all Firefox traffic through your remote box. To verify, Google "What is myIP address" and compare the results in Firefox with those in another browser.

Note that you must change Firefox back to "No Proxy" to disable this effect. If you do not, and you close your SSH tunnel, Firefox will be 100% inoperable until a new tunnel is opened or you revert your network proxy settings in Firefox.

@Laur1nMartins
Copy link

If you want to test something that runs on localhost on the target remote server you need to change an extra setting when using firefox this way.

https://stackoverflow.com/questions/57419408/how-to-make-firefox-use-a-proxy-server-for-localhost-connections

I only needed to enable network.proxy.allow_hijacking_localhost in about:config.

@fergiemcdowall
Copy link

On my network I had to turn on "Proxy DNS when using SOCKS v5" in order to get this to work (as per point 6)

@vincentkelleher
Copy link

Thanks for sharing this 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment