Help connecting to SOCKS5 proxy server with Open SSH

Stephen Thatcher forumnemail at
Tue Mar 5 19:21:08 EST 2013

My desire is to form a connection from my laptop running ubuntu to a 
SOCKS5 server listed on the Internet. I have read the Ubuntu man page on 
OpenSSH client program. The description indicates that I have to connect 
to given host name (assumed to be an ip address?) with optional 
username. I want the server receive my Internet traffic in SOCKS5 
protocol and respond to my computer the requested encrypted web traffic. 
I have heard that firefox needs to connect to the SSH client on my side 
using dynamic port forwarding, therefore this is necessary for me. From 
the Man-Page, receiving what command needed for me to send the client, 
through 'ssh' terminal command. Interpreting Wikipedia's definitions of 
the SOCKS5 protocol, has revealed that I have to 'TCP/IP stream' to the 
proxy server.

The SOCKS5 protocol is defined in RFC 1928. It is an extension of the 
SOCKS4 protocol. It offers more choices of authentication, adds support 
for IPv6 and UDP that can be used for DNS lookups. The initial handshake 
now consists of the following:

     Client connects and sends a greeting which includes a list of 
authentication methods supported.
     Server chooses one (or sends a failure response if none of the 
offered methods are acceptable).
     Several messages may now pass between the client and the server 
depending on the authentication method chosen.
     Client sends a connection request similar to SOCKS4.
     Server responds similar to SOCKS4.

The authentication methods supported are numbered as follows:

     0x00: No authentication
     0x01: GSSAPI[11]
     0x02: Username/Password[12]
     0x03-0x7F: methods assigned by IANA[13]
     0x80-0xFE: methods reserved for private use

The initial greeting from the client is

     field 1: SOCKS version number (must be 0x05 for this version)
     field 2: number of authentication methods supported, 1 byte
     field 3: authentication methods, variable length, 1 byte per method 

Wikipedia's knowledge of SOCKS5 protocol and proxy server connection 
Step 1 in the initial handshake is 'connecting' to server and including 
a list of authentication methods supported. I need the right commands 
for this. Lets say I want to connect to SOCKS5 proxy server @ hostname:
Could I enter in terminal : "ssh -2"? 
When I do, it says ssh: connect to host port 22: Connection refused.
Why is the connection being refused? Why is the connection attempting to 
be made on the hosts port 22?
Lets say I connected to the SOCKS server somehow. Would the server 
choose not to use authentication and respond that choice to me?
Lets say no authentication was accepted by my client and the server. Can 
I local forward a random port(7763) to the server with this terminal 
ssh -L [localhost:]7763: Then would I want to enter: 
ssh -D [localhost:]10255. Following by setting up firefox to connect to 
SOCKS5 proxy server: localhost on port 7763?

More information about the openssh-unix-dev mailing list