SSH Tunnel in Unix/Linux
Most Unix/Linux installs contain ssh and MAC OSX is based off FreeBSD and also contains ssh. Open a shell (terminal window) and type the command that matches with the filtering level you want below (please remember to substitute your account name and your ssh server):
ssh -L 5000:127.0.0.1:8888 youraccount@yourassignedsshserver
ssh -L 5000:127.0.0.1:8080 youraccount@yourassignedsshserver
- 8888 is unfiltered, you do your own filtering, basic header changes protect your privacy.
ssh -L 5000:127.0.0.1:9999 youraccount@yourassignedsshserver
- 8080 is filtered, it passes through privoxy for added safety, but that can substantially slow it down.
- 9999 is a straight through proxy that changes nothing but your IP address. This is the fastest.
Upon executing the command you'll get a message on first connect asking you to verify the DSA key (server used in message below is only an example and may not be your ssh server name):
The authenticity of host 'express1.cotse.net (220.127.116.11)' can't be established.
DSA key fingerprint is 30:dd:be:8b:54:ec:ff:36:6c:90:c1:bb:6f:75:0c:2f.
Are you sure you want to continue connecting (yes/no)?
You can verify the DSA key here.
Once verified type yes to accept it and then you'll be prompted to log in (during login typing may not echo, just type and hit enter anyway) and leave the window open, this is your tunnel. Next configure Firefox to use the tunnel.
To configure FireFox:
- Run FireFox
- Click Tools - Options
- Click Advanced
- Click Network
- Click Settings
- Click Manual Proxy Configuration
- Enter 127.0.0.1 and port 5000
- Click Use the server for all protocols
- Click OK
- Click OK again
- Surf away.
Note: We recommend Firefox with the NoScript and AdBlockPlus addons and port 8888 for your best speed and most configurable privacy protection.
MAC users should use Firefox over Safari anyway. Safari has difficulty rendering pages if you mask the user agent string. Our proxies do this for your privacy. This means Facebook and some other sites will not work in Safari with our proxies on a port other than 9999, instead you'll need Firefox.