SSH is a very secure encrypted connection. Much much easier to setup then a VPN.
its quite easy to setup, on the server side all we need is Open SSH and Squid
on the client side Windows we can use putty.exe and on linux ssh command.

On the Squid server should listen only on 127.0.0.1:8080 here is configuration I use:

acl manager proto cache_object
acl localhost src 127.0.0.1/32

acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
http_port 127.0.0.1:8080

#AUTHENTICATION (optional)
#user: prxusr passbombom

coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

restart squid and make sure its listening on 127.0.0.1:8080

service squid restart
netstat -ntlp |grep 8080

Ok now the SSH Server side we just need to add these lines:
#FOR SSH PROXYING
AllowTcpForwarding yes
#FOR KEEPALIVE (optional)
ClientAliveInterval 300
ClientAliveCountMax 2

On the Client Side Windows with putty.exe (https://the.earth.li/~sgtatham/putty/latest/w64/putty.exe)
open putty.exe
->Saved Session: MyTunnel (click save)
->Host Name: user@ Port: ->Connection->SSH->Tunnels->
Source Port: 8080
Destination: 127.0.0.1:8080
IPv4
Click ADD
Should look like 4L8080 127.0.0.1:8080
->Sessions- Save – Open
then authenticate and check the squid log
tail -f /var/log/squid/access.log

Go to a firefox browser and configure the Proxy as:
127.0.0.1 Port: 8080
[x] User theis proxy server for all protocols
[x] SOCKS v5
[x] Proxy DNS when using SOCKS v5

For a global windows proxy setup do as follows:

Open Settings.
Click Network & Internet.
Click Proxy.
In the Manual Proxy Setup section, set the Use a Proxy Server switch to On.
In the Address field, type the IP address: 127.0.0.1
In the Port field, type the port 8080
Click Save; then close the Settings window.
GO to the site
http://mioip.it/ and check your external IP.

I recommend setting up a free AWS ec2 tiny instance for the server
The cost is:
First 10 TB / month $0.155 per GB
So if you use a lot of data lets says 50GB a month you would pay: 7.75 USD
Go ahead and test your internet connection on
http://openspeedtest.com/

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

*