Route Browser Traffic Securely via SSH on Ubuntu

This guide explains how to secure your web browsing traffic by routing it through a remote Ubuntu Linux server using an SSH SOCKS proxy. By creating a secure SSH tunnel, you can encrypt your internet traffic, bypass local network restrictions, and browse the web using your server’s IP address. We will cover how to establish the SSH tunnel from your local machine and how to configure your web browser to use this secure connection.

Step 1: Create the SSH Tunnel

To start routing your traffic, you need to establish a dynamic port forwarding connection (SOCKS proxy) using your local terminal (macOS/Linux) or an SSH client like PuTTY (Windows).

Open your local terminal and run the following command:

ssh -D 1080 -C -N -f user@your_server_ip

Here is what these flags mean: * -D 1080: Opens a local SOCKS proxy port on your machine (port 1080 is standard, but you can choose any open port). * -C: Compresses data to speed up the connection. * -N: Tells SSH not to execute remote commands. This is useful for just forwarding ports. * -f: Runs the SSH process in the background, freeing up your terminal. * user@your_server_ip: Replace this with your Ubuntu server’s username and public IP address.

Once you enter your password or SSH key passphrase, the tunnel will run silently in the background.

Step 2: Configure Your Web Browser

Once the tunnel is open, you must configure your web browser to direct its traffic through the newly created local SOCKS proxy.

Configuring Mozilla Firefox (Recommended)

Firefox is ideal for this because it allows you to configure proxy settings independently of your operating system.

1. Open Firefox and go to Settings.
2. Scroll down to the Network Settings section and click Settings….
3. Select Manual proxy configuration.
4. Leave the HTTP Proxy, HTTPS Proxy, and FTP Proxy fields blank.
5. In the SOCKS Host field, enter 127.0.0.1.
6. In the Port field, enter 1080 (or the port you specified in Step 1).
7. Ensure SOCKS v5 is selected.
8. Check the box that says Proxy DNS when using SOCKS v5 to prevent DNS leaks.
9. Click OK to save the settings.

Configuring Google Chrome / Brave / Edge

These browsers use your operating system’s system-wide proxy settings by default. To avoid changing system-wide settings, you can launch Chrome from the command line with proxy flags.

• macOS:

  /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --proxy-server="socks5://127.0.0.1:1080"

• Windows: Press Win + R and run:

  chrome.exe --proxy-server="socks5://127.0.0.1:1080"

Step 3: Verify the Connection

To confirm your web traffic is successfully routing through your Ubuntu server:

1. Open your configured browser.
2. Visit a public IP checking website, such as icanhazip.com or dnsleaktest.com.
3. The displayed IP address should match your Ubuntu server’s public IP address, not your local network’s IP.

Step 4: Closing the Tunnel

When you are finished browsing and want to close the secure tunnel:

1. If you configured Firefox, revert the Network Settings back to No proxy.
2. To stop the background SSH process on your local machine, open your terminal and run:

kill $(pgrep -f "ssh -D 1080")