Help connecting to SOCKS5 proxy server with Open SSH

Ben Lindstrom mouring at
Wed Mar 6 11:59:11 EST 2013

On Mar 5, 2013, at 2:21 AM, Stephen Thatcher <forumnemail at> wrote:

> Wikipedia's knowledge of SOCKS5 protocol and proxy server connection request.
> Step 1 in the initial handshake is 'connecting' to server and including a list of authentication methods supported. I need the right commands for this. Lets say I want to connect to SOCKS5 proxy server @ hostname:
> Could I enter in terminal : "ssh -2"? When I do, it says ssh: connect to host port 22: Connection refused.
> Why is the connection being refused? Why is the connection attempting to be made on the hosts port 22?
> Lets say I connected to the SOCKS server somehow. Would the server choose not to use authentication and respond that choice to me?
> Lets say no authentication was accepted by my client and the server. Can I local forward a random port(7763) to the server with this terminal command:
> ssh -L [localhost:]7763: Then would I want to enter: ssh -D [localhost:]10255. Following by setting up firefox to connect to SOCKS5 proxy server: localhost on port 7763?

You are confusing two different aspects.  Ssh doesn't know how to use socks5 as a proxy method by default.   It knows how to create an SOCKS5 proxy, and it has a generic "proxy" interface to allow you to call a 3rd party program to do the proxy for you.  The reason for the latter is to allow people to do http proxy, or any other method of doing proxy without having to hack the ssh code for every unique proxy type.

** ssh as a socks5 proxy server:

$ ssh -D 8080

Start firefox, set SOCKS5 proxy to localhost:8080

** ssh USING a socks5 proxy server:

However, if you want ssh to use a SOCKS5 proxy you need a 3rd party packages like:

And setup a ~/.ssh/config like:

Host *
ProxyCommand connect-proxy -R both -5 -S %h %p

Then any attempt at using ssh will use connect-proxy to open a channel to  then will open a connection to the %h and try talk to it via ssh.

- Ben

More information about the openssh-unix-dev mailing list