Using SSH Tunneling to Avoid Firewalls

Posted in Uncategorized

Our firewall at work restricts us to only port 80 and no access to SSH – which as you can imagine for a web developer is a pretty big issue. Below I’ll describe the various methods of routing around this crap.


Create a SOCKS5 Proxy with SSH

If your firewall restricts which sites you can visit but you have access through SSH to a remote server, route your browser and other traffic through that server with a SOCKS5 proxy. This is called Dynamic Port Forwarding:

ssh -f -N -D 1080 remote-server

The above command creates a SOCKS5 proxy server on port 1080 of your machine which sends all traffic through remote-server. 

Use it with you browser:

Now use the server in Firefox:

  • go to Edit -> Preferences -> Advanced -> Network -> Connection -> Settings…
  • check “Manual proxy configuration”
  • make sure “Use this proxy server for all protocols” is cleared
  • clear “HTTP Proxy”, “SSL Proxy”, “FTP Proxy”, and “Gopher Proxy” fields
  • enter “” for “SOCKS Host”
  • enter “1080” (or whatever port you chose) for Port.

Use it with git:

You can also configure SSH git origins to work with your proxy:

Open ~/.ssh/config and add

Host bitbucket.org
    User git
    ProxyCommand nc -x localhost:1080 %h %p

Now you can just clone/push/pull as normal. See here for more information.