webinista/RunAProxyOnAmazonEC2VPC.md

Last active August 18, 2024 18:20

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/webinista/812c20247a6c21e639ce.js"></script>
Save webinista/812c20247a6c21e639ce to your computer and use it in GitHub Desktop.

Create a proxy server on an Amazon EC2 (VPC) instance

Raw

This will create a proxy server in whatever your availability zone your VPC is in. For me, that's us-east-1b. For you, that may be something different. Steps 10+ should more or less work regardless of your provider since those steps cover the setup and configuration of TinyProxy.

Click the Launch Instance button.
Choose Ubuntu Server 14.04 LTS (HVM), SSD Volume Type. This isn't strictly necessary. If you choose another OS, check its documentation for how to install new packages.
On the Choose an Instance Type screen, select t2.micro. It's Free Tier eligible.
Click the Next: ... buttons until you reach the Configure Security Group screen.
- You may wish to reduce the amount of storage on the Add Storage screen. This is optional.
- You may wish to add a tag on the Tag Instance screen. This is also optional.
On the Configure Security Group screen:
- Select Create a new security group.
- On the first line, verify that Type is SSH, Protocol is TCP and the Port Range is 22. Under Source, select "My IP" from the drop down menu. This restrict incoming connections to those from your IP address.
- Click the Add Rule button.
- Select Custom TCP Rule. Make sure the Protocol is TCP, and the Port Range is 8888. Under Source, select My IP from the drop down menu. This opens Port 8888.
Click Review and Launch, and on the following screen, click Launch.
Make sure Use an existing key pair is selected, or create a new key. If you are using an existing pair, check the acknolwedgement box.
Go to View Instances.
Select the instance you just created. Click the Connect button above the list of instances.
Using a terminal window, run the SSH command listed, e.g. ssh -i /path/to/yourkey.pem [email protected], where xxx.xxx.xxxx is the IP of your EC2 or VPC instance. The first time, SSH will tell you The authenticity of host 'xxx.xxx.xxxx (xxx.xxx.xxxx)' can't be established. Continue anyway.
Run this command: sudo apt-get install tinyproxy (or the package installation command for the flavor of Linux your instance is using).
Edit /etc/tinyproxy.conf using the editor of your choice. You'll probably need to use sudo.
Make sure that /etc/tinyproxy.conf file contains the lines Port 8888 and Allow xxx.xxx.xxx.xxxx where xxx.xxx.xxx.xxxx is your IP address. (Check your IP address by running curl ipecho.net/plain from another Terminal window, or use WhatIsMyIP.com).
Start TinyProxy using /etc/init.d/tinyproxy start. You may want to set this up in a cron job to save memory as Justin McCandless suggests. I usually shut down the instance after I'm done with it, so I haven't bothered doing this.
Most other tutorials about this subject say to run the command below with the -N flag. The -N flag means Do not execute a remote command. Using it didn't work for me. So I ran the command below without that flag. Here, 3128 is the port that we'll use to connect to localhost. And it will be forwarded to port 8888 of our EC2 VPC instance.
```
ssh -L 3128:localhost:8888 -i /path/to/yourkey.pem [email protected] 
```
Change your browser or operating system's proxy settings.
- Make the host localhost
- Set the proxy port to 3128
- Verify that this went well by running curl ipecho.net/plain from another Terminal window, or by using WhatIsMyIP.com. Your IP should match that of your VPC.

tsherdiwala commented Aug 8, 2016

This is an awesome piece.. I have used it many times.
However I was just wonder if instead of keeping the terminal open on my machine, may be I could point my browser to the EC2 instance and get the proxy running. That way in the client device I just need to set the proxy and won't need to run an SSH.

Any idea on how to do this?

attahkhan016 commented Oct 14, 2016

Hello ,
Can you tell me how to proxy a DNS (AWS Elastic Load Balancer provided DNS) ?
***For example I want to add a load balancer in front of my proxy servers, then what should be the configuration ?
Should I need to make any changes in tinyproxy.conf for the elastic load balancer DNS ? or just point to the source server and attach the servers to elb ?

ccc-tomr commented Dec 4, 2016

I didn't use step 15 and had no problems pointing my browser to my EC2 instance, no need to use ssh. Worked like a charm...
tinyproxy rocks !

talkingpixels commented Jan 28, 2017 •

edited

Loading

Step 10 - I had an the error...
Permissions 0644 for 'yourkey.pem' are too open.

Changing the permissions to 600 resolved it...
chmod 600 /path/to/yourkey.pem

linjiang82 commented Nov 11, 2017

I tried to use port 22 directly, it also works, so why do we need to open port 8888

lys886 commented Jan 15, 2018

This is a good idea. But I think, there is no necessary to install 'tinyproxy'; we can just use SSH tunnel.
We can just follow the first 10 step(1 to 10), then you can login your AWS EC with ssh.
11. setup an ssh dynamic tunnel for your ssh connection;( XSHELL: connection properties- SSH - tunneling - add, change type to Dynamic(socks4/5),listening port 3128 or any one not using in you PC, click OK; Putty: SSH-tunnels, Source port 3128/Dynamic, Add )
Then goto step 16.