Setup an SSH tunnel in Firefox

 

Introduction

I’m trying to setup a secure connection so I can browse the internet on various Windows machines, but have my internet traffic go through my home connection. Setting up an OpenVPN server at home would be overkill for this, plus, I may not have access to install the OpenVPN software on some machines. Instead, I’m going to setup an SSH tunnel, sometimes called a poor man’s VPN. I’ll use PuTTY to create the tunnel, then proxy all traffic through it using Firefox. This way, Firefox traffic will go to my home router, while traffic from another browser (e.g., Chrome, IE, etc..) will go through my local connection.

Setup your home/remote network

First, you’ll need to make sure you can access your home/remote network via SSH from the internet. I won’t cover that in detail here, but if you’re using OpenWRT, you can use the commands below to create a firewall rule, changing the port as needed.

uci add firewall rule
uci set firewall.@rule[-1].name='ssh tunnel'
uci set firewall.@rule[-1].src='wan'
uci set firewall.@rule[-1].dest_port='1234'
uci set firewall.@rule[-1].target='ACCEPT'
uci set firewall.@rule[-1].proto='tcp'
uci commit firewall
/etc/init.d/firewall restart

It would also be helpful to have dynamic DNS setup, in case your home/remote ISP changes your IP on a regular interval.

Setup PuTTY

Now, you’ll need PuTTY. I recommend the stand-alone executable, in the event you don’t have rights to install software.

When you lauch PuTTY, enter your DDNS name (or home/remoteĀ IP), TCP port, and session name, as shown below.

20150823_001

In the left side of the window, navigate to Connection, then SSH, then Tunnels. In the Source Port box, enter a TCP port on your machine is that is not being used (e.g., 9870). Select Dynamic and Auto, then click Add.

20150823_002

In the left side of the window, navigate back to Session, then click Save to save your setup.

 

Setup Firefox

Next, we’ll configure Firefox to use SSH. Navigate to Tools, then Options, then Advanced, then Network, then Connection Settings.

In the Connection Settings window, select Manual proxy configuration, and enter 127.0.0.1 in the SOCKS Host field and your port in the Port field. Make sure that SOCKS5 and Remote DNS are enabled.

20150823_004

Test your connection

In Firefox, try to navigateĀ to www.google.com. If you setup everything correctly, it should timeout with the error below (since your tunnel is down).

20150823_005

Now, load your saved SSH tunnel session in PuTTY, connect to your home/remote network, and refresh the page in Firefox. It should load now, since your tunnel is up.

20150823_006

 

Let me know how it goes!

-Logan

 

 

4 thoughts on “Setup an SSH tunnel in Firefox

  1. Been using an SSH tunnel for like 6 months now. It is amazing all the things a little 500K app like Putty can do in conjunction with a linux server. One question though – is there a reason that you changed the SSH port to something other than 22? I know that is a security best practice but was curious if there was another reason.

    • Isn’t it?! And nope, just a security best practice. It’s more like security through obscurity, but it deters automated scanners.

Leave a Comment