Ubuntu Socks Proxy
How to setup a Socks5 Proxy server on Ubuntu with Dante
Dante Socks5 Server
Dante is a socks5 server that you can use to setup a socks5 proxy on your ubuntu or debian machine. In this quick tutorial we shall learn how to setup dante and use authentication.
With authentication enabled, the dante proxy server would require all clients to provide login details in order to use the proxy server. This is a good idea.
1. Install Dante on Ubuntu
The default Ubuntu repositories have the dante-server package but it is outdated. The version present is 1. 1. 19 which is quite old and also has some bugs. The authentication feature does not work properly.
If you don’t need authentication then you can install it.
sudo apt-get install dante-server
The version in repository was
# danted -v
danted: dante v1. 19
Known authentication issues
Like mentioned earlier, the authentication feature does not properly work with it. The log file shows the following error messages –
Mar 11 14:05:05 (1489241105) danted[5020]: pass(1): tcp/accept]: username%[email protected] -> 104. 131. 115. 128. 1080: system username/password failed
Trying to test with curl shows the following error message –
$ curl -v -x socks5username:[email protected]:1080 * Trying 104. 128…
* User was rejected by the SOCKS5 server (1 1).
* Closing connection 0
curl: (7) User was rejected by the SOCKS5 server (1 1).
Some users have reported similar issues at this reddit post -Install newer version directly from file
So we need to install a newer version. There is a ppa for dante-server at –
but it is no longer being maintained. But we can use the deb file from the ppa to install dante on Ubuntu 16. 10
The download url is this:
using the wget command:
# wget Install using gdebi command:
$ sudo apt-get install gdebi-core
$ sudo gdebi
2. Configure
The next task is to configure the dante server before starting it. The configuration file can be found here –
nano /etc/
The contents should look similar to this –
# /etc/
logoutput: syslog
ivileged: root
user. unprivileged: nobody
# The listening network interface or address.
internal: 0. 0. 0 port=1080
# The proxying network interface or address.
external: eth0
# socks-rules determine what is proxied through the external interface.
# The default of “none” permits anonymous access.
socksmethod: username
# client-rules determine who can connect to the internal interface.
clientmethod: none
client pass {
from: 0. 0/0 to: 0. 0/0
log: connect disconnect error}
socks pass {
Now start the danted proxy server
# service danted start
Use the netstat command to check the port number
# netstat -nlpt | grep dant
tcp 0 0 0. 0:1080 0. 0:* LISTEN 6342/danted
3. Create a User
Dante can use the system unix user accounts to authenticate the connecting clients. For this you should create a separate user. Any client that will be connecting to this proxy server will be sending the password in plain text over the network, so beware of that.
$ adduser mike
4. Test with curl
Once you have setup everything, its time to test that the proxy server is working as expected. Use the curl command to do this. Specify the username, password, server ip and port number and try fetching some url.
curl -v -x socks5mike:[email protected]
Conclusion
Dante is a socks5 server that can be used as a proxy server. For instance you can setup an online linux server and use it as a proxy server to access other websites. Such proxy servers are useful when you need to change your ip address on the internet or access a website from a different geo location.
If you need an proxy server or caching solution try Squid Proxy which supports, etc.
Resources
Config documentation can be found here –
If you want to compile the latest version of dante from source then check out these links –
Create a SOCKS proxy on a Linux server with SSH to bypass …
Mattias Geniar, January 19, 2017
Follow me on Twitter as @mattiasgeniar
Are you on a network with limited access? Is someone filtering your internet traffic, limiting your abilities? Well, if you have SSH access to _any _server, you can probably set up your own SOCKS5 proxy and tunnel all your traffic over SSH.
From that point on, what you do on your laptop/computer is sent encrypted to the SOCKS5 proxy (your SSH server) and that server sends the traffic to the outside.
It’s an SSH tunnel on steroids through which you can easily pass HTTP and HTTPs traffic.
And it isn’t even that hard. This guide is for Linux/Mac OSX users that have direct access to a terminal, but the same logic applies to PuTTy on Windows too.
You set up a SOCKS 5 tunnel in 2 essential steps. The first one is to build an SSH tunnel to a remote server.
Once that’s set up, you can configure your browser to connect to the local TCP port that the SSH client has exposed, which will then transport the data through the remote SSH server.
It boils down to a few key actions;
You open an SSH connection to a remote server. As you open that connection, your SSH client will also open a local TCP port, available only to your computer. In this example, I’ll use local TCP port:1337.
You configure your browser (Chrome/Firefox/…) to use that local proxy instead of directly going out on the internet.
The remote SSH server accepts your SSH connection and will act as the outgoing proxy_/vpn_ for that SOCKS5 connection.
To start such a connection, run the following command in your terminal.
$ ssh -D 1337 -q -C -N
What that command does is;
-D 1337: open a SOCKS proxy on local port:1337. If that port is taken, try a different port number. If you want to open multiple SOCKS proxies to multiple endpoints, choose a different port for each one.
-C: compress data in the tunnel, save bandwidth
-q: quiet mode, don’t output anything locally
-N: do not execute remote commands, useful for just forwarding ports
the remote SSH server you have access to
Once you run that, ssh will stay in the foreground until you CTRL+C it to cancel it. If you prefer to keep it running in the background, add -f to fork it to a background command:
$ ssh -D 1337 -q -C -N -f
Now you have an SSH tunnel between your computer and the remote host, in this example
Next up: tell your browser to use that proxy. This is something that should be done per application as it isn’t a system-wide proxy.
In Chrome, go to the chromesettings/ screen and click through to Advanced Settings. Find the Proxy Settings.
In Firefox, go to Preferences > Advanced > Network and find the Connection settings. Change them as such:
From now on, your browser will connect to localhost:1337, which is picked up by the SSH tunnel to the remote server, which then connects to your HTTP or HTTPs sites.
This has some advantages and some caveats. For instance, most of your traffic is now encrypted.
What you send between the browser and the local SOCKS proxy is encrypted if you visit an HTTPs site, it’s plain text if you visit an HTTP site.
What your SSH client sends between your computer and the remote server is always encrypted.
What your remote server does to connect to the requested website may be encrypted (if it’s an HTTPS site) or may be plain text, in case of plain HTTP.
Some parts of your SOCKS proxy are encrypted, some others are not.
If you’re somewhere with limited access, you might not be allowed to open an SSH connection to a remote server. You only need to get an SSH connection going, and you’re good to go.
So as an alternative, run your SSH server port on additional ports, like:80, :443 or:53: web and DNS traffic is usually allowed out of networks. Your best bet is:443, as it’s already an encrypted protocol and less chance of deep packet inspection middleware from blocking your connection because it doesn’t follow the expected protocol.
The chances of:53 working are also rather slim, as most DNS is UDP based and TCP is only use in either zone transfers or rare DNS occasions.
Visit any “what is my IP” website and refresh the page before and after your SOCKS proxy configuration.
If all went well, your IP should change to that of your remote SSH server, as that’s now the outgoing IP for your web browsing.
If your SSH tunnel is down, crashed or wasn’t started yet, your browser will kindly tell you that the SOCKS proxy is not responding.
If that’s the case, restart the ssh command, try a different port or check your local firewall settings.
Want to subscribe to the newsletter?
I write a weekly-ish newsletter on Linux, open source & webdevelopment called
It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.
No spam. Just some good, practical Linux & open source content.
How to setup SOCKS proxy | DigitalOcean
I’ve squid-proxy installed on my droplet and HTTP proxy works just fine. However there are some apps that ask for SOCKS proxy. Is there any standard SOCKS server that’s easy to setup (really easy)? Or sth that I can install just with an apt-get?
I have seen many blog posts using this “ssh -D 8080 root@” and then a “curl –socks5-hostname 127. 0. 1:8080 actually shows that the network is using this proxy.
So, does a DO droplet come pre-installed with a SOCKS server? Or is it OpenSSH?
If the answer to above is “yes” then can I use it in my applications? If yes, running the “ssh -D.. ” in a terminal and then using it doesn’t seem to be comfy. So, how can I use a SOCKS server that is running on my droplet all the time and I can use with various applications – just like my squid HTTP proxy works?
tl;dr: I need to have a SOCKS proxy server on my droplet running all the time so that I can use it some applications (e. g. LimeChat) and I want simple setup and non-complex configuration (great if I can get sth Zero Config).
These answers are provided by our Community. If you find them useful, show some love by clicking the heart.
If you run into issues leave a comment, or add your own answer to help others.
×
Submit an Answer
SOCKS proxies can be created without any special SOCKS proxy software if you have OpenSSH installed on your server and a SSH client with dynamic tunnelling support installed on your client computer.
Since you’re talking about LimeChat, I’m assuming you’re running Mac OS. To create a SOCKS proxy or dynamic SSH tunnel in Mac OS you’ll need to open up the Terminal (Applications >> Utilities >> Terminal)
Once there type and press enter:
ssh -D 10000 user@
Now, enter your password and make sure to leave the Terminal window open. You have now created a SOCKS proxy at localhost:10000. Only close this window if you wish to disable your local SOCKS proxy.
Now, you can now configure any software to proxy through your DigitalOcean VPS by telling it to use localhost:10000. Optionally, you can configure your system to use this SOCKS proxy for all outgoing connections.
To forward your IRC connections in LimeChat through your DigitalOcean VPS (warning you might get DDoS’d) edit Server Properties > Details (see LimeChat Proxy Preferences) Enter localhost for the SOCKS server and 10000 for the port.
To forward all connections in Mac OS X through your DigitalOcean VPS Go to ‘Preferences’ >> ‘Advanced’ >> ‘Settings…’ >> ‘Manual proxy configuration’. Enter localhost for the SOCKS server and 10000 for the port. (see Setting up a SOCKS proxy in Mac OS X
One caveat is that some applications cannot correctly forward DNS requests through this local SOCKS proxy (i. e. they cannot talk the SOCKS v4a or SOCKS v5 protocol. ) If that’s the case you’ll can either email the upstream developer and ask for a bugfix/ SOCKS5 support, switch applications, or use an intermediate proxy client that is able to speak SOCKS 5 such as Polipo or Privoxy.
SOCKS is an internet protocol and you don’t need to install anything on the server other than an, of course, an ssh server which is a given since this is a cloud server. The more pressing issue is usually client-side software since you need to be able to open an ssh connection as well as open a local port on the device you want to use the SOCKS proxy on. If your on a computer its simple, on a phone or tablet its a bit more difficult, and on an embedded device it can get complicated really quick. On a computer you can just use Putty on Windows or the Terminal on a MAC or LINUX machine. Its just basically just an SSH tunnel to the server and on the client side a “SOCKS Proxy” is just the application (i. Firefox web browser) port forwarding all traffic through the ssh tunnel. The trick is finding a client side application that can both open a remote ssh connection, open a local port, then forward network traffic through it, and of course the application your using needs to support SOCKS proxies as well but it sounds like allready have that… In the end the difficulty all depends on the what you need to do and as a pice of further advice just google “SSH Tunnel” there are a lot of things you can do with it. As a side note the last part of the comand you posted above is just an example of how to manually route the network traffic form a LINUX terminal command through a SOCKS Proxy “(n this case curl) “curl –socks5-hostname 127. 1:8080
by Michael HolleyYou can browse the web securely using a Droplet with SSH access as a SOCKS 5 proxy end point. In this tutorial we’ll use a Ubuntu 20. 04 Droplet as the proxy, and the Firefox web browser as the client application. By the end of this tutorial you should be able to browse websites securely through an SSH tunnel.
How to install 3proxy (small proxy) on ubuntu:
3Proxy tiny free proxy server is really tiny cross-platform (Win32/Win64&Unix) freeware proxy servers set. It includes HTTP proxy with HTTPS and FTP support, SOCKSv4/SOCKSv4. 5/SOCKSv5 proxy (socks/), POP3 proxy, SMTP proxy, AIM/ICQ proxy (icqpr/), MSN messenger / Live messenger proxy (msnpr/), FTP proxy, caching DNS proxy, TCP and UDP portmappers.
You can use every proxy as a standalone program (socks, proxy, tcppm, udppm, pop3p) or use combined program (3proxy). Combined proxy additionally supports features like access control, bandwidth limiting, limiting daily/weekly/monthly traffic amount, proxy chaining, log rotation, syslog and ODBC logging, etc.
Looking for something else?
Frequently Asked Questions about ubuntu socks proxy
How use SOCKS5 proxy Ubuntu?
How to setup a Socks5 Proxy server on Ubuntu with DanteInstall Dante on Ubuntu. The default Ubuntu repositories have the dante-server package but it is outdated. … Configure. The next task is to configure the dante server before starting it. … Create a User. … Test with curl.Jul 26, 2020
How do I setup a proxy server for SOCKS?
Click the Apple icon at the top left of the menu bar on your screen and select System Preferences. Select Network and then Proxies. Click the Advanced button to access the Network settings and navigate to the Proxies tab. Click the SOCKS Proxy checkbox and enter the host and port information.Jan 12, 2017
How use SOCKS5 proxy in Linux?
To use it, just make your software use SOCKS5 proxy on your Linux computer’s IP, port 1080, and you’re done – all your requests will now get proxied. The first rule says, allow anyone from 1.2. 3.4 to connect to port 1080 , and the other rule says, deny everyone else from connecting to port 1080 .