Making Google Chrome Work With a SOCKS5 proxy (i.e. putty ssh tunnel)

Filed in Software Developement 6 Comments

I really like chrome, but something that is an absolute must is a SOCKS5 proxy.  This is due to my ultra restrictive corporate firewall, i need to tunnel http content through an ssh tunnel.  And ssh creates a SOCKS5 proxy when you use the -D option.  Chrome seems like it assumes that your proxy is SOCKS4.x and just fails on the ssh tunnel proxy.  But there is hope, i found a way to work around this and it isn’t even complicated!

Just a quick note, i actually use a plugin from chrome called Switchy! which helps me quickly switch to and from the ssh tunnel proxy.  It is certainly no foxyproxy, but it works well enough that i can use it to solve most proxy related problems.

Now, the secret to this solution is to use Proxy Auto Configuration scripts.  These scripts allow you to specify which version of SOCKS to use for your proxy.  So all you need to do is create a file somewhere on your computer (say called pac-ssh-tunnel.pac) and then add the following to it:

function FindProxyForURL(url, host)
   return "SOCKS5 localhost:8080";

Now, take note that i am creating the ssh tunnel proxy using the following command:

ssh -N -g -D 8080 username@remote_server

Just FYI, “-N” means don’t execute any commands on the server (i.e. strictly a tunnel connection only).  And “-g” allows the remote host to connect to locally forwarded ports (which i must admit, most people will never need this, but handy if you do complex tunneling of data).   Finally, “-D 8080″ means dynamically forward the proxy data through local port 8080.

So once you have your SSH SOCKS5 tunnel up and running, set chrome to use your proxy automatic configuration script that you created (either through chrome’s options, or through Switchy! if you prefer).  Now you can proxy traffic over your ssh tunnel.

One final note, PAC files are basically javascript files (with a few built-in functions).  You can actually create some complicated PAC files that do all your complex proxy selection for you (basically a lot of regular expression matching).  So if you get adventurous, you can just add all your proxy selection logic to that one function (or break it into multiple functions) and then you won’t even need to change your proxy around ever!

Happy surfing!

, , , , , , ,