Faster torrents, high connectivity and seed-ability are notably the primary reasons why most of us opt to use a seedbox. Fair enough - but a seedbox (server) can be used to implement a variety of tasks that extend far beyond just torrenting. We’ll explain how you can run a SSH tunnel through your seedbox server, in order to use your seedbox’s IP address as a proxy on your local machine (home PC). And it works for most Internet apps that support SOCKS5 (web browser, IRC/MSN, even a home uTorrent client).
Reasons/scenarios for how this can be applied
- • As a web proxy — You’ll be able to bypass any IP restrictions & firewalls, unblock certain websites, or torrent from college or work. Because of the nature of SSH tunneling, your traffic is well concealed.
- • Surf Anonymously — Keeps your home IP out of web browsing, since you’ll be surfing the ‘net using the static IP address of your seedbox, not your local IP.
- • Private trackers — If you live in a country that’s banned from receiving invites, or you’re in an IP range that’s banned altogether on certain trackers, you’ll be able to elude this. Plus, you’ll be logging into your private tracker account (in the browser) from the same IP that you’re torrenting from.
- • Torrent locally, but mask your IP — Use your seedbox IP (as localhost) in uTorrent, and although you’re still torrenting on your home PC, only the IP address of your seedbox is reported to the tracker & other peers. Unlike a VPN service which can unexpectedly drop your VPN connection (and default you back to your main ISP, exposing your real IP), this can’t occur when using a manual SOCKS5 proxy.
- • Hide your IP in everything! — Set up a manual proxy configuration in virtually any webapp; including mIRC, AIM/MSN, whatever you want!
What You’ll Need
** A seedbox server (VPS, dedi) that comes with shell (SSH) access. You don’t need “root” and it doesn’t have to be a dedicated server or VPS, just so long as you have SSH/shell. Note: Most shared seedbox providers do not include shell access.
For this demonstration we’ll be using a real server and it’s true IP address, so as to explain how1 to implement it through PuTTY and various webapps. But first, you’ll need to create a SSH tunnel & login to your seedbox through a shell client:
Create Your SSH Tunnel
1. Download PuTTY, and run it. You’ll be presented with the configuration setup options. Scroll down and open SSH under Connection, and click on the Tunnels tab (see screenshot below).
2. Select the radio button “Dynamic”.
3. Enter a port number for the source port, and click “Add”.
4. Your new port will appear in the box above (and a “D” will appear before the number).
5. Scroll back up to the top, where it says “Session”, click it.
6. In the “Session” option you should create a profile for your new session. Enter your hostname or IP address of the seedbox (server), using Port 22. Enter an arbitrary name for the Saved Session and click “Save”. To be certain that the SSH tunnel has been successfully added to this new session, highlight the session name and click “Load”. Again, scroll down to SSH > Tunnels and verify that the port has been forwarded properly (ie “D52014” as for our example).
Lastly, click ”Open” at the bottom to begin the PuTTY shell session, you’ll see a window similar to below. Using your shell credentials (username / password combo), login to your server. Note: Your password will not be visible when you type it, and copy/pasting your pw will also work.
** — Do not close PuTTY or kill the session. Leave this window open.
Adding a SOCKS5 Proxy to Firefox
We’ll use Firefox as the example, although most browsers operate in a similar fashion. In Firefox, go to Tools > Options… and click on the Advanced menu icon. Next, click on the Network tab, and hit the Settings… button:
Here, change the radio button over to “Manual proxy configuration”. Be sure to select “SOCKS v5” for proxy type, and enter “localhost” for the SOCKS Host. Enter in the port number from above (ie - 52014) - click OK, and OK again.
Head on over to WhatsmyIP.org and check out your new IP address. It should be the same as your seedbox IP - voilà, you’re surfing through your seedbox tunnel.
Tunneling, Adding a Proxy to uTorrent
The same procedure can be done through a BitTorrent client such as uTorrent. This is a great tip to bypass firewalls in your office, college or anywhere else that doesn’t appreciate torrents, for that matter.
In uTorrent, go to Options > Preferences and click on the Connection tab. Choose SOCKS5 from the dropdown in Proxy Server Type. Enter “localhost” for the proxy, and enter in your port number (ie - 52014). Also, disable (uncheck) UPnP & NAT-PMP port mapping - and while you’re at it, click on the BitTorrent tab and disable DHT, Local Peer Discovery and Peer Exchange (these can all leak your real IP address). Click Apply and OK to finish.
To test this out, head on down to CheckMyTorrentIP.com and download a torrent & open it into uTorrent. This new torrent should detect your seedbox IP, which in our case is 126.96.36.199.
Back on CheckMyTorrentIP.com, the “Check IP” tab will show both your torrent IP and browser IP addresses - and since we’ve configured both the BT client and the browser to use our tunnel, they’re obviously the same IPs (of our seedbox).
NOTE: This likely won’t raise any red flags on your private trackers, since this is the same principle as using a seedbox directly anyways. However, we don’t advise you to log into your private tracker accounts (or download .torrents) while using your seedbox proxy in the web browser, as this might be perceived that you’re sharing the account. If in doubt, always ask tracker staff first - explain that you’ll be logging in through the seedbox; they won’t have a problem with this as long as they know in advance.
Proxy for mIRC
Sure, there are better ways to set this up natively through IRSSI and have it connect to certain networks & channels, which also allows you to connect locally on a Windows machine. But for this tut, we’ll just do it through mIRC directly.
First of all, disconnect from all active networks. In mIRC, go to Tools > Options… and click on the Firewall tab (under Connect). Change the Firewall Support to “Both” & change the Protocol to “Socks5”. Enter in localhost for the Hostname, as well as the port number - click OK to save the changes.
(Re)connect to a network. Do a WHOIS check on yourself, it will now report your seedbox IP address instead of your home one.
nice guide sharky
Anyone know of a way to use spotify through a tunnel?
whats the point? Says:
so guys, can you tell me whats the point in doing this?
those people who can Identify you by your Local IP, can Identify you by your Seedbox Hosters IP as well, cant they?
sure, those ip-ranges-blocking is a reason why, but whos really effected by that?!
Taken straight from the handbook of seedwave forums.Good job I guess
And what’s better if you want to only use this SSH tunnel for certain cites (I.E private trackers use SSH tunnel, all others connect normally); use a plugin for Firefox called Foxyproxy. You can setup whitelists that tell it to use the SSH tunnel for sites you specify.
Nice article. SSH proxy is great because unlike VPN you can choose the application you want to proxify. You may want to proxify P2P but don’t use a third party for privates connections at the same time.
Just some remarks and suggestions :
- Keep in mind that proxy settings in Firefox doesn’t control all connections. For example with Java, the connection is established by an external application (which also has a proxy setting).
- In Firefox it’s sometimes interesting to use proxy for some URL and not for others. The extensions Foxyproxy and Autoproxy (still in beta) can help by creating urls based rules. That’s enough for example to be identify by your proxy IP when you browse a tracker website, and keeping a direct connection for others.
- Launching Putty in full is not necessary to only use ssh proxying, especially if it will stays in background. plink.exe is the light command line ssh client provided by Putty, and can be managed by a simple batch file for example to be launched at startup. For more advanced features (severals ssh proxies connections etc.) there are many applications like MyEnTunnel in free or Internet Secure Tunnelling in paying.
I use MyEnTunnel as well, and can fully recommend it! And thanks for telling me about Foxyproxy, great addon!
Ryan Oberoi Says:
This solution still doesn’t completely anonymize your traffic, since you’re only communicating with the tracker under your seedbox IP, peer-to-peer connections are still happening through your ISP connection, it’s just that you’re obtaining peers with which to communicate with through your seedbox (also your IP stays out of the swarm, currently one of the most dangerous things you can do while torrenting.)
Maybe a good idea for a new article, would be how to establish a VPN connection across SSH?
Pretty good review, you need to add a bit about enabling TCP and/or SSH keepalives in putty or else the session will timeout.
Hi Sharky, you can also install and use Squid Proxy.
DICK IN A BOX Says:
Go to Edit -> Preferences (Ctrl+P)
All you need is there.
You are forgetting one very important thing. Incoming connections won’t work by default, because if you use a SOCKS proxy all your incoming connections will be router to the proxy, not to your home pc. Your proxy won’t know what to do with it and will treat it as an unknown incoming connection (it will be rejected or silently dropped). This will cause your torrent client or any other application that needs incoming connections to start moaning about NAT or a firewall (no green smiles) or simply stop functioning entirely.
You can solve this problem by tunneling the port (in this case 51669) on your server to port 51669 on your local pc. To do this you have to add an additional tunnel in step 5. Set source port to 51669 and destination to localhost:51669. Do not create a dynamic tunnel, though, but a local. In the ‘forwarded ports’ section you should see something like L51669. Also make sure you enable the “local ports accept incoming connections from other hosts”. The tunnel is able to transverse NAT, so you don’t actually need to change anything in your router.
Oh, and don’t forget to enable “use proxy for p2p connections” in µTorrent (connection tab).
Also note that even with a securely tunneled socks proxy you’re never anonymous. You’re only as safe as the server that you are connecting to. They will be able to trace back the connections to your seedbox, so they will still be able to find you. You have just created a little obstacle; some bureaucracy => a minor inconvenience.
And as to why this is useful: ip-ranged blocks or censoring (China, France, Australia) or to effectively circumvent throttling by your ISP, unless your ISP simply also throttles all unknown/encrypted protocols, but then https should also be affected. You can of course easily test this by just downloading a larger file over http/ssl (https).
lol all i’ve got to do is
ssh -f email@example.com -L 2000:server.ip:25 -N
Does this tunnel make you connectable, when I am actually not connectable at home? (i.e. My home connection is unconnectable, I create tunnel to the connectable remote server and I add proxy to uTorrent).
for ubuntu your can use
very nice guide thank you very much.
counterstrike hack Says:
@Karamel: see post #12 and #13
wolverine fan Says:
I use FoxyProxy to to define what I use my dedicated server to tunnel through. everything torrent based is through it, everything else I use normal IP
Won’t this get me banned on most private trackers, as they all forbid anonymization services or vpns?
anyguys interested in getting into scc mail me at firstname.lastname@example.org
Lou Rhodes Says:
Wow, that is some pretty cool stuff. And it works!
bubba gump Says:
You really need to configure Firefox to use remote DNS when using this method, otherwise your DNS requests are still local.
in the addressbar of firefox type “about:config”
search for “dns”
the last line (or near’bouts) should be “network.proxy.socks_remote_dns” and by default is false. Set it to “true” by double clicking.
Now your DNS requests will all go across your tunnel creating a more secure experience. Keep in mind that setting firefox to use Socks will not force EVERY app on your system to use Socks, you’ll need to configure IE to use Socks for better anonymity.
Can you do this with a seedbox från seedhost
Geralyn Wahlenmaier Says:
And we would like to explain our opinion why UseNet service is better then Torrent service.
does any one know how to do the tunneling for the myentunnel you can get to me on email@example.com either mail or chat with me i urgently need to use one
And you would do all this for what ….reason?
Put your SOCKS on your feet (where ur sposed to put em)
…with shoes. …Go outside and GET A LIFE!!!!!!!
Nice guide, but way too complicated if I just want to transfer files. A better option is Binfer. It creates a VPN on the fly to transfer files from any computer to any computer in the world. Check http://www.binfer.com.
Trackback :: Torrent VPN Service | Personal VPN
[…] How to Create a SSH Tunnel Through Your Seedbox IP (Proxy for Your … […]
tanx sir very good .
i am living in iran , and internet filtering very high .
but with yr help , i have bypass filtering ,