Super Simple VPN with SSH Tunneling

I’m often accessing the internet from different locations throughout the day and rarely have the same IP address. Sometimes you just need a static IP. For example, maybe you are dealing with a secured environment that can only be accessed by a certain IP address. The workaround hack is to create an SSH tunnel to a VPS which has a static IP, like a $6/month droplet. Digital Ocean has a great article showing how to route web traffic without a VPN using a SOCKS tunnel.

With a SOCKS tunnel enabled you’ll be able to browse the internet using your VPS’s public IP instead of your local internet IP. Neat right? Let’s turn this into a one-liner tunnel script.

SSH tunneling requires some configuration, let’s automate instead!

Create ~/Scripts/tunnel.sh with the following. Swap out ~/.ssh/id_rsa and username@ip-address with your key file and SSH info.

echo "Launching Firefox with Proxy profile. Starting SSH tunnel, control + C to exit."
/Applications/Firefox.app/Contents/MacOS/firefox -P Proxy &
ssh -i ~/.ssh/id_rsa -D 1337 -CqN username@ip-address

Grant execute permissions chmod +x ~/Scripts/tunnel.sh. This script will launch Firefox with a unique profile and then launch the proxy. This will allow us to kill the proxy at any time by pressing control + C. In order for it to work, we’ll need to create the new Firefox profile with the SOCKS configuration info.

On the Mac run /Applications/Firefox.app/Contents/MacOS/firefox --ProfileManager

Select “Create Profile…” then name it “Proxy”.

Start Firefox and open up settings. Search for proxy.

Configure the SOCKS Host to be localhost with a port of 1337 or any available port you want :). Check the box “Proxy DNS when using SOCKS v5”.

That’s it. You should be able to open Firefox normally without the proxy settings getting in the way. Running the ~/Scripts/tunnel.sh will start the SSH tunnel and launch Firefox with the proxy profile.