Install and Configure SOCKS Proxy Server on Rocky Linux VPS

This article provides a guide for how to install and configure SOCKS proxy server on Rocky Linux VPS.

How to Install and Configure SOCKS Proxy Server on Rocky Linux VPS

In this tutorial, we’ll go through the process of installing and configuring a SOCKS proxy server on a Rocky Linux VPS. We will also discuss enabling SSH tunnelling from a PC using the SOCKS proxy server. This will allow you to route your internet traffic securely through the VPS, providing privacy and potentially bypassing geo-restrictions.

Prerequisites

1. Rocky Linux VPS: A Rocky Linux VPS server with root access.
2. PC: A Windows, macOS, or Linux-based machine.
3. SSH Client: An SSH client installed on your PC (e.g., PuTTY for Windows or the native terminal for macOS/Linux).

Step 1: Update Your Rocky Linux VPS

First, ensure your VPS is up to date with the latest security patches and updates.

1. SSH into your Rocky Linux VPS as the root user or a user with sudo privileges.

   ssh root@your-vps-ip

2. Update the package index and upgrade the installed packages:

   sudo dnf update -y

Step 2: Install the OpenSSH Server

OpenSSH should already be installed on your Rocky Linux server by default. You can check the status and install it if necessary.

1. Check if the OpenSSH server is installed and running:

   sudo systemctl status sshd

2. If OpenSSH is not installed, you can install it with the following command:

   sudo dnf install -y openssh-server

3. Start and enable the SSH service to ensure it starts on boot:

   sudo systemctl start sshd sudo systemctl enable sshd

Step 3: Configure SSH for SOCKS Proxy

The SOCKS proxy server can be configured directly through an SSH connection without needing additional software on the server. This setup leverages the SSH tunneling feature.

1. Edit the SSH configuration file to enhance security (optional but recommended):

   sudo nano /etc/ssh/sshd_config

2. Look for the following lines and modify as needed:
   • Disable root login (optional):

     PermitRootLogin no

   • Disable password authentication (if you prefer using SSH keys):

     PasswordAuthentication no

   • Ensure the following line is present to allow SSH tunneling:

     AllowTcpForwarding yes

3. Save and close the file (Ctrl+X, then Y, then Enter).
4. Restart the SSH service to apply changes:

   sudo systemctl restart sshd

Step 4: Set Up SSH Tunneling on Your PC

Now that the VPS is configured, you’ll set up the SSH tunnel on your PC to use the SOCKS proxy.

For Windows (Using PuTTY)

1. Download and Install PuTTY: If you don’t already have PuTTY installed, download it from here and install it.
2. Configure PuTTY:
   • Open PuTTY.
   • In the “Session” category, enter your VPS’s IP address in the “Host Name (or IP address)” field.
   • In the “Connection” category, expand “SSH” and select “Tunnels”.
   • Under “Source port”, enter a port number (e.g., 8080).
   • Select the “Dynamic” radio button.
   • Click “Add”.
   • Go back to the “Session” category, name your session, and save it.
3. Connect to the VPS:
   • Click “Open” to connect to your VPS.
   • Log in with your username and password or SSH key.
4. Configure Your Browser to Use the Proxy:
   • Open your browser’s network settings.
   • Under the proxy settings, configure it to use 127.0.0.1 as the SOCKS host and the port number you chose (e.g., 8080).
   • Save the settings.

For macOS/Linux (Using Terminal)

1. Open Terminal:
2. Create the SSH Tunnel:Use the following command to create the SSH tunnel:

   ssh -D 8080 -f -C -q -N user@your-vps-ip
   

   • -D 8080: Specifies the local SOCKS proxy port.
   • -f: Runs the SSH command in the background.
   • -C: Compresses the data.
   • -q: Quiets the SSH output.
   • -N: Tells SSH that no remote commands will be executed.
3. Configure Your Browser to Use the Proxy:
   • As with Windows, go to your browser’s proxy settings.
   • Set the SOCKS host to 127.0.0.1 and the port to 8080.
   • Save the settings.

Step 5: Test the SOCKS Proxy

1. Verify the Connection:
   • Go to a website like https://www.whatismyip.com/ to check your IP address.
   • If the SOCKS proxy is working correctly, the IP address shown should be that of your VPS, not your local machine.

Step 6: Automate the SSH Tunnel (Optional)

For convenience, you can automate the SSH tunnel setup to avoid manually establishing the connection each time.

On Windows (Using a Batch Script)

1. Create a .bat file with the following content:

   @echo off start putty.exe -ssh user@your-vps-ip -D 8080 -N

2. Save and run the script whenever you want to start the SOCKS proxy.

On macOS/Linux (Using a Shell Script)

1. Create a shell script (e.g., socks_proxy.sh) with the following content:

   #!/bin/bash ssh -D 8080 -f -C -q -N user@your-vps-ip

2. Make the script executable:

   chmod +x socks_proxy.sh

3. Run the script whenever you want to start the SOCKS proxy:

   ./socks_proxy.sh

Optional: Enable Automated SSH Login

To automate SSH login, you can use SSH key-based authentication instead of passwords. This allows you to log in to your Rocky Linux VPS without needing to enter your password each time. Here’s a step-by-step guide to setting it up:

Step 1: Generate SSH Key Pair on Your PC

1. Open a Terminal (macOS/Linux) or Git Bash (Windows):
   • For Windows, if you use PuTTY, you’ll need to use PuTTYgen, which is a separate tool that comes with PuTTY.
2. Generate the SSH Key Pair:
   • Run the following command to create a new SSH key pair:

     ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

   • This command creates a 4096-bit RSA key pair, which is secure and commonly used.
3. Follow the Prompts:
   • You’ll be prompted to enter a file name to save the key. Press Enter to save it in the default location (~/.ssh/id_rsa).
   • When prompted for a passphrase, you can enter one to add an extra layer of security (optional). Press Enter if you want to skip this.

Step 2: Copy the Public Key to Your Rocky Linux VPS

1. Copy the Public Key to the VPS:
   • Use the ssh-copy-id command to copy your public key to the VPS:

     ssh-copy-id user@your-vps-ip

   • Replace user with your VPS username and your-vps-ip with the IP address of your VPS.
   • If ssh-copy-id is not available on your system, you can manually copy the key using the following method:

     cat ~/.ssh/id_rsa.pub | ssh user@your-vps-ip 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys'

2. Log in to Your VPS:
   • Try logging in to your VPS to test if the key was added correctly:

     ssh user@your-vps-ip

   • If everything is set up correctly, you should be logged in without being prompted for a password.

Step 3: Disable Password Authentication on the VPS (Optional)

For added security, you can disable password authentication entirely, forcing all logins to use SSH keys.

1. Edit the SSH Configuration File:

   sudo nano /etc/ssh/sshd_config

2. Find and Modify the Following Lines:
   • Disable password authentication:

     PasswordAuthentication no

   • Ensure the following line is also enabled to allow key-based authentication:

     PubkeyAuthentication yes

3. Restart the SSH Service:

   sudo systemctl restart sshd

Step 4: Automate SSH Login with SSH Config File (Optional)

You can further simplify your SSH login by creating an SSH configuration file on your PC.

1. Create/Edit the SSH Config File:
   • Open the SSH configuration file (create it if it doesn’t exist):

     nano ~/.ssh/config

   • Add the following configuration:

     Host your-vps-alias HostName your-vps-ip User your-username IdentityFile ~/.ssh/id_rsa

   • Replace your-vps-alias with a name you want to use for your VPS, your-vps-ip with the VPS IP address, and your-username with your VPS username.
2. Save and Exit:
   • Save the file and exit (Ctrl+X, then Y, then Enter).
3. Connect to Your VPS Using the Alias:
   • Now, you can log in by simply typing:

     ssh your-vps-alias

You’ve now automated the SSH login process by using SSH key-based authentication. This method not only makes logging in more convenient but also significantly enhances security by eliminating the need for password-based logins.

With the optional SSH configuration file, connecting to your VPS becomes as simple as typing a single command.

Conclusion

You now know how to install and configure SOCKS proxy server on Rocky Linux VPS and set up SSH tunneling on your PC. By following this guide, you can securely route your internet traffic through your VPS, offering increased privacy and security.

If you wish to further secure your setup, consider using SSH keys instead of password authentication and implementing additional firewall rules on your VPS.