Jump to content
Brian Enos's Forums... Maku mozo!

Mac Proxy Server

benos

By benos
in Macintosh

 Share

Recommended Posts

mjohns930 Looks for Range

mjohns930

Posted
Posted (edited)

A locally attached caching proxy is pretty cool...but I would assume (probably incorrectly) that you are looking for something along the lines of security and anonymity on the internet. But if it is a caching proxy you are looking for here (anandtech.com) is a pretty helpful article.

Now if you are looking for something along the lines of security and anonymity when say browsing from an open public hotspot this is what I do, granted it's on a Windows machine, but I am confident there is a similar way to do this on a Mac.

I have a low power Intel Atom based machine running all the time at my apartment with Ubuntu Linux Server on it. The most important thing you need running on it for this is Open SSH Server. I then SSH into the machine with Putty and set Putty up to act as my proxy. Then change the proxy settings on my browser or IM client or whatever I am using and then it connects over a secure SSH tunnel. All the traffic goes through my Ubuntu Server first and then to my computer I am using. This (knightwise.com, PDF) probably explains it a little better. And like I said I am confident this can be adapted to an OSX machine.

ETA: Ok...so I did a quick search and I found this (lifehacker.com) article which does go into how to do this on a Mac. You also don't need Putty as OSX has a terminal, so it's a quick command away to do this.

Hope this helps.

Mitch

Edited by mjohns930
Link to comment
Share on other sites
benos Back From the Dead

benos

Posted
  • Author
Posted

ETA: Ok...so I did a quick search and I found this (lifehacker.com) article which does go into how to do this on a Mac. You also don't need Putty as OSX has a terminal, so it's a quick command away to do this.

Mitch

Thanks for that link.

So from that article, does this sound correct if I SSH into my (brianenos.com) server as "root." At the command line I'd enter:

ssh -ND 9999 root@brianenos.com

Then configure my computor's Network Settings to connect via proxy brianenos.com / port 9999.

It doesn't look like I'm doing anything in Terminal?

Thanks,

be

Link to comment
Share on other sites
mjohns930 Looks for Range

mjohns930

Posted
Posted (edited)

ETA: Ok...so I did a quick search and I found this (lifehacker.com) article which does go into how to do this on a Mac. You also don't need Putty as OSX has a terminal, so it's a quick command away to do this.

Mitch

Thanks for that link.

So from that article, does this sound correct if I SSH into my (brianenos.com) server as "root." At the command line I'd enter:

ssh -ND 9999 root@brianenos.com

Then configure my computor's Network Settings to connect via proxy brianenos.com / port 9999.

It doesn't look like I'm doing anything in Terminal?

Thanks,

be

Ok, you will actually type ssh -ND 9999 root@brianenos.com from your Mac. That will SSH you into your brianenos.com server as root and set up the proxy on your Mac on port 9999. Although I would not SSH in as root, that is entirely up to you. Then you go into Firefox and change the proxy settings. Your terminal on your Mac will simply give you a prompt and that's it, just like SSHing into your server regularly. There won't be anything happening.

ETA: Ok I think I misunderstood. You were typing ssh -ND 9999 root@brianenos.com from your Mac to log into your server. That should do it. Check your ip address before you enable all that and then after to see if it changed. Also from that article I think you would actually change the proxy host to localhost. That is the host that the terminal is outputting for you to connect to.

Edited by mjohns930
Link to comment
Share on other sites
benos Back From the Dead

benos

Posted
  • Author
Posted

Ok, you will actually type ssh -ND 9999 root@brianenos.com from your Mac. That will SSH you into your brianenos.com server as root and set up the proxy on your Mac on port 9999. Although I would not SSH in as root, that is entirely up to you. Then you go into Firefox and change the proxy settings. Your terminal on your Mac will simply give you a prompt and that's it, just like SSHing into your server regularly. There won't be anything happening.

ETA: Ok I think I misunderstood. You were typing ssh -ND 9999 root@brianenos.com from your Mac to log into your server. That should do it. Check your ip address before you enable all that and then after to see if it changed. Also from that article I think you would actually change the proxy host to localhost. That is the host that the terminal is outputting for you to connect to.

I added a new user to my server, benos1. So in terminal on my Mac I'll enter:

ssh -ND 9999 benos1@brianenos.com

The point the advanced settings in the prefs for Safari to connect via proxy to brianenos.com / port 999, and that should do it.

It also appears that I can configure the System Prefs/Network to connect all internet connections to go through brianenos.com/9999... I'll play with that when I have some more time tomorrow.

be

Link to comment
Share on other sites
benos Back From the Dead

benos

Posted
  • Author
Posted

That all sounds good...but I think that the proxy host should be localhost instead of the actual server you are connecting to such as brianenos.com.

Thank you.

So where would "localhost" go in this:

ssh -ND 9999 benos1@brianenos.com

ssh -ND 9999 benos1@localhost.com

?

be

Link to comment
Share on other sites
Smithars Looks for Range

Smithars

Posted
Posted

That all sounds good...but I think that the proxy host should be localhost instead of the actual server you are connecting to such as brianenos.com.

Thank you.

So where would "localhost" go in this:

ssh -ND 9999 benos1@brianenos.com

ssh -ND 9999 benos1@localhost.com

?

be

It wouldn't go in either. you use the first command to establish the tunnel from port 9999 on localhost to brianenos.com. This tells ssh to listen on localhost:9999 for traffic and send anything it gets to brianenos.com.

Then in your web browser proxy settings you put localhost as the socks host and 9999 as the port. This sends all your browser traffic to localhost:9999 where ssh is listening and it forwards it on to brianenos.com.

Link to comment
Share on other sites
benos Back From the Dead

benos

Posted
  • Author
Posted

That all sounds good...but I think that the proxy host should be localhost instead of the actual server you are connecting to such as brianenos.com.

Thank you.

So where would "localhost" go in this:

ssh -ND 9999 benos1@brianenos.com

ssh -ND 9999 benos1@localhost.com

?

be

It wouldn't go in either. you use the first command to establish the tunnel from port 9999 on localhost to brianenos.com. This tells ssh to listen on localhost:9999 for traffic and send anything it gets to brianenos.com.

Then in your web browser proxy settings you put localhost as the socks host and 9999 as the port. This sends all your browser traffic to localhost:9999 where ssh is listening and it forwards it on to brianenos.com.

Thanks for the followup.

Would you know if that would be all that needs to be done for it to work? I've been researching the crap out of it, and it looks like the server might also need to be configured for it to work:

http://www.google.com/search?hl=en&client=safari&rls=en&q=how+to+configure+my+own+linux+server+as+a+proxy+server&aq=f&aqi=&aql=&oq=&gs_rfai=

I just submitted ticket with my server's support company on that, and they said they could set it up to work (we'll still in the Q&A fase).

Thanks for all the help.

be

Link to comment
Share on other sites
Smithars Looks for Range

Smithars

Posted
Posted

Thanks for the followup.

Would you know if that would be all that needs to be done for it to work? I've been researching the crap out of it, and it looks like the server might also need to be configured for it to work:

http://www.google.com/search?hl=en&client=safari&rls=en&q=how+to+configure+my+own+linux+server+as+a+proxy+server&aq=f&aqi=&aql=&oq=&gs_rfai=

I just submitted ticket with my server's support company on that, and they said they could set it up to work (we'll still in the Q&A fase).

Thanks for all the help.

be

That's all you should have to do for it to work. The google search you linked shows mostly setups using Squid which is an actual proxy server and that would require setting up squid on the server side. You don't need that if you're using the ssh server as a Socks proxy. If the ssh server is already setup on the server side, ie you can log in via ssh, then nothing additional should be needed to use the Socks setup.

That being said there are instructions in the original links for the socks setup for getting the proxy to do the dns queries rather than your web browser. this is only necessary if you want to make sure that anyone sniffing the traffic can't see the web sites you are going to by looking at the DNS queries.

Link to comment
Share on other sites
mjohns930 Looks for Range

mjohns930

Posted
Posted

Sorry I wasn't more clear with the localhost settings. Sometimes things in my head don't come out the same way as I think them. Smithars got you set straight. Also markcic also points out a good way to check that it's working. I didn't have to do any setup server side, and I am running a pretty standard install of Ubuntu Server on my little "server" that I proxy through.

Link to comment
Share on other sites
benos Back From the Dead

benos

Posted
  • Author
Posted

Thanks for all the help everyone.

I ended up having my server's tech guy install Squid on the server. Then the only thing I had to do on my end was make a new Location in the Network Prefs, so now I can easily switch back and forth from my ISP to the proxy server. Pretty sweet deal.

be

Link to comment
Share on other sites
  • 3 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


×
×
  • Create New...