Proxy Server Over SSH

From PrgmrWiki

Some SSH clients are able to create a SOCKS proxy server that will tunnel the http, dns, or whatever connections through the ssh connection. This way they appear to come from the ssh server instead of the client computer. The traffic is also encrypted on the client physical network if the SOCKS server and client use the localhost interface.

With OpenSSH this is done with the -D option of ssh, like

ssh -D localhost:8080


ssh -D *:8080

to listen to all interfaces.

With PuTTY this is configured in the Tunnels panel as a Dynamic and Auto tunnel with a blank destination and the source port is what to listen to as the proxy server (8080). For more description of using PuTTY this way, see

Then a web browser or other SOCKS proxy client can be configured to connect to the ssh client proxy server (localhost:8080 in the above example). With firefox the FoxyProxy extension is very useful for switching between proxy configurations.