SSH Proxy How to Windows
Please note this is intended for our clients, but will work method wise as long as you have a valid ssh login somewhere. If you do not have an ssh/vpn account you can order one from us.
We accept bitcoins and anonymous signups. All we ask is for a working email so we can update you regarding service status or changes.
When you purchase your vpn account from us and receive the welcome email it will contain your unique username and password.
Once you have those you can then setup your ssh/socks proxy from that.
To do this you will want install bitvise tunnelier or proxycaps.
Bitvise tunnelier is a free app and can be downloaded from here. (Windows Only)
Proxycaps is a paid app, but has many more features and is great for apps that do not have socks/or proxy support. You can download a free trial from their site to test out before purchasing here. (Windows and MAC)
For bitvise tunnelier once installed you will want to run it and open it up.
Step 1. Login
On first tab login.
You will want to enter the vpn servers hostname you want to use for ssh in the hostname area.
You will then enter your username and login from welcome email/client area for your vpn account there.
Step 2. Reconnect
Ensure the first option for auto reconnect is selected. This ensures it will auto reconnect as needed if you experience a disconnection.
Step 3. Socks Proxy Port settings
You will want to select the Services tab. Check the enable for ssh/http proxy forwarding box.
Now you will want to set 127.0.0.1 for the listening interface.
For the port you can set whatever unused port you desire for socks use. In my case it is 9853.
Basically what this does is setup a localhost:9853 proxy any socks5 app can use for proxying for example pidgin/Firefox/foxy proxy/electrum etc. on port 9853.
Once you have that set you can click login, accept and save the host key. You may see an authentication banner displayed you can close this out.
Now in any apps that you want to use this for socks5 you can use localhost:9853 to proxy them.
Step 4 Automate Bitvise start on windows login
Also to have bitvise autostart on windows login you can use the below tip so it’s automatic.
You will right click the shortcut on the desktop for bitvise tunnelier and then select properties.
Step 5 Modify the shortcut properties
Then, you want to add –loginOnStartup as shown to the end of the target section.
Notice the difference between the original and the modified one in the below picture.
Step 6 Open startup options directory
Go to the start menu, browse to the startup folder right click it and select open.
Step 7 Copy the custom bitvise shortcut to the startup directory
As shown below and then upon next reboot it should autologin, thereafter, the first reboot may prompt you to accept and save the host key initially but, that will only happen once if at all.
Now you have an automatic always on ssh/socks5 proxy at your disposal.
Now for Proxycaps for advanced use cases(Apps without socks5/proxy support )
Note this is a Paid app but does have a free 30 day trial at time of this writing. You can download a free trial from there site to test out before purchasing here. Can’t recommend this app enough for those apps that refuse to add socks5 or other way to proxy you can force them through ssh here or also use this app to force apps without proxy support through tor as well. Very handy.
Step 1 Install, reboot and configure.
Once you have Proxycaps installed and running (It does need a reboot before usable once installed) you can find it in the taskbar and right click and select configuration.
Step 2 Setup a new proxy
Once that opens you will want to select Proxies. Then you will want to create a new proxy.
Step 3 Login information
You will specify vpn server hostname if using our ssh proxies or your ssh server hostname & login info if you’re using another ssh server for this.
Step 4 Test your proxy
You will now see your proxy in the proxies list and you can select it and then on the top right there is a connection tester click that icon.
Step 5 Proxy test results
Click the check now button and you will see it works. If it does then you’re good to continue. If not go back to step 3 and confirm you entered proper login info and highest rated ssh key that will work with your ssh server for best security key exchange wise. If you have any more proxies to add you will want to go add those now before proceeding to next step.
Step 6 Proxy an app
In this use case I’m going to show you how to proxy an app without native socks5 support over the previously setup ssh proxy. You can really proxy with tor or ssh etc, if desired so if you have more ssh proxies or tor Vidalia bundle setup in windows via expert setup you can use that to torrify an app on per app basis.
For this example I’m going to proxy the windows latest Wickr desktop client. You can see more about Wickr here.
You will want to select the Rules tab as, this is where you will define all the rules for the apps you want to setup to use with any proxies you did in the previous steps. Next you will select the new rule box.
Step 7 Define app
Here you will set the options as desired. For the app to proxy through as desired it needs to be set as featured (redirect through proxy) first. Then, select the desired proxy in dropdown list. And resolve dns remotely(via the proxy vs locally) and select a specific app by browsing to the exe file if there are multiple exes I would recommend creating a rule for them all first before using the app so all application exes for that app are being proxied, no leaks.
Step 8 Check your work
You will now see your rule added to the list of rules here.
If you are using this for opsec or sensitive stuff I would recommend firing up a vpn at this time before testing your apps so no leaks occur. You will want to right click proxycaps configuration in taskbar and select status and logs. When you have that open you can see any proxy traffic that happens, to ensure when you open the app that it’s properly routing over your proxy as seen in my below example.
The beauty of this setup is in the options you can setup specific apps to use only a specific ssh proxy or socks5 you have setup on the system. So you could proxy for example chrome or firefox for one proxy and then use that for Netflix via a usa ssh proxy and be using a VPN from another country for rest of your computer traffic so your always covered traffic wise so you can do very advanced routing of traffic for stuff you want proxied one way, but leave rest proxied via vpn or different proxy etc.
Also, this helps prevent leaks versus relying on a vpn entirely as you can vpn computer then configure these proxies, test without leaks and then if vpn reconnects or loses connection; while away there will be no leaks, as the sensitive stuff is using socks5/ssh. Which just won’t work if disconnected versus leaking like they would if just relying on vpn alone like a lot of naive people do.
I hope you found this tutorial helpful and I hope you look for more on our blog.
Category:Security