GRIMT3CH Technology, Geekery, & General Nerdiness


Pesky internet filter? Why not SOCK it with SSH

routeHave you ever been behind an internet filter and really needed to get to a filter url?  With a little prior setup it can be pretty easy to, well we'll say, bypass...

First you need a machine somewhere out on the net you have access to running SSH.  What is SSH?  If your running a Mac or a Linux box you already have it.  For the purposes of this tutorial I'll show you how to do it on your Mac.  The first thing to understand is that the remote machine either has to be directly connected to the internet (cable modem to computer), or you will have to enable port forwarding on your router.  Because port forwarding will differ from router to router I'll assume your computer is directly connected to the internet.

Now for the simple part, enabling SSH on your "home" Mac.  Just open System Preferences, click on Sharing, and check the Remote Login option.


Click to Enlarge

We're in the home stretch.  Your Mac actually tells you almost everything you need to know.  If you look under the status indicator it states "To log in to this computer remotely, type ssh 'username@ipaddress'".  Now one thing to realize here is that your IP will probably change from time to time.  So you may want to look at a service like dynamic dns.  It allows you to install a client or setup your router to update your ip address automatically so you can enter a URL like Instead of having to remember an IP that might change at any time.

Okay , now for the remote machine all you have to do is open the Terminal application (Applications -> Utilities) and enter the following command:

ssh -D 9000 username@ipaddress

Let's look at that command.  We are telling SSH to log into your machine using your username at the IP address that was supplied by the sharing window.  Then create a socks proxy (-D switch) on port 9000.  You can use any port you want but I would keep it over 9000.  You will be presented with a password prompt.  Enter the password that corresponds to the username on the remote machine.  If everything works out you should see a welcome to Darwin message and have a terminal session running.

All you have to do now is enter the proxy information on your computer.  Just enter the localhost address of your machine and port 9000.  Fire up your browser and give it a try.  If all went well you should be able to view the page that was being filtered.  Now there are a lot of things that could get in the way of doing this.  Allowed ports, setting up your router correctly, and so on.  But hopefully you get right out.  Good Luck!

Hack the future!!!

Tagged as: , , , , No Comments