Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

How to set up a VPN

A DIY guide to securing web access with SSH

Article comments

Local Listeners and Remote Endpoints

Here's where things get a bit confusing, so read carefully. You need to configure a port on your local computer (a "listener") that will take any packets you throw at it and stuff it into an SSH encrypted session. At the other end of the tunnel, the traffic will dump out on your SSH server. In the following sections, I'll show you how to configure your Web browser to proxy your traffic through this local listener. Even though conceptually it seems that you would want to point the Web browser to the remote server, you will technically be pointing it at "localhost," which is a special name for your local computer.

The proxy is set to 'localhost'

You'll need to tell your SSH client to connect to the SSH server and open a tunnel that begins on your laptop (localhost) on port 8888 and terminates at the SSH server, where the data will then be forwarded to the final destination website.

Create Your SSH Tunnel

The process is straightforward on OS X and can be represented in one command:

$ ssh -ND 8888

The 'N' option tells the SSH client that you do not want an interactive session (a command prompt), because you just want to set up a tunnel. The 'D 8888' option tells the SSH client to set up a "dynamic" port-forwarding tunnel on port 8888. The tunnel is dynamic because the destination website will change depending on where you are surfing; other port-forwarding tunnels have static rules, but for web browsing you want the dynamic version. After issuing the command, you will be prompted for a password and then... nothing will happen. Actually, if the command works, the port will be open, but you will not receive any confirmation within Terminal. OS X folks can proceed to the next section.

For Windows, start PuTTY again, scroll down the 'Category' listing on the left to 'Connection', and expand the 'SSH' category to select Tunnels. Select the Dynamic radio button, enter 8888 for 'Source port', and then click Add.

Configuring ports in PuTTY

Now click the Open button. After you enter your password, your tunnel should be created. No confirmation message will display within the command prompt.


More from Techworld

More relevant IT news


palloy said: Its all very well setting up an SSH client and server to form a tunnel but when your browsers request pops out the endpoint of the tunnel what then An HTTP request to a proxy is not the same as one sent to a web server and so has to be processed by a web proxying program once the packet has traversed the tunnelIf it is any good a web proxy will do caching and pipelining for you to cut down on unnecessary tunnel traffic None of this is covered in the article

Auli said: ssh works very good for me

sean said: The least you could do is either edit the article or delete it I wasted a LOT of time with a hostgator rep trying to troubleshoot this before finally finding out they dont support it Articles like this with false information destroy the credibility of your site

Sean said: hostgator does not support this on a shared hosting account

Fernando said: Remember that Firefox uses the local public DNS server when using SOCKS Somebody could spoof the DNS replys and send you to a fake siteTo be really safe you should type aboutconfig in the URL and change to true the following setting networkproxysocksremotednsGreat articleBest regards

mik said: Yeah could you explain how you did it i asked the hostgator support and they replyedm that it isnt enabled for shared hosting Please give a responseMik

crispy said: I tried everything you said here and curiously I cant seem to get my browser to use the tunnel I am on linux and using firefox Its like the tunnel isnt working properly I checked on Hostgator and they write that you can only do VPN on dedicated server accounts I am only on a baby or hatchling curious how you made it work on yours C

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *