SSH Tunneling

SSH tunneling allow you to securely route traffic through your slot using an encrypted tunnel. SSH tunnels can be used to prevent network monitors on your local network from monitoring what sites you visit, or to bypass overly restrictive web filters. They are also useful for trackers that require users to log in from an IP before being able to seed from it.

Creating an SSH tunnel


Since Windows does not come with an SSH client, you will need to download and install KiTTY. The first time creating a tunnel you will need to create a Saved Session, which you will be able to reuse later:

  1. Install and open KiTTY
  2. Enter in the Host Name field
  3. Make sure SSH is selected as the connection type
  4. In the menu on the left, go to Connection->Data.
  5. Enter your Whatbox username and password in the Auto-login username and Auto-login password fields.
  6. In the category menu on the left, expand Connection' Then expand SSH and select Tunnels.
  7. Next to Source port enter 8080
  8. Select Dynamic. Click Add
  9. (Optional) In the menu on the left, go to Window->Behavior. Check the Send to tray on startup if you would like the KiTTY window to hide in your system tray after it is connected.
  10. (Optional) In the menu on the left, go to Connection. Enter 150 next to Seconds between keepalives. On the same page, check Attempt to reconnect on connection failure. These settings will help maintain your connection in the event of an unstable local network.
  11. In the category menu on the left, select Session to go back to the first screen.
  12. Under Saved Sessions enter Whatbox Proxy and click Save to save all settings.

To start the tunnel:

  1. Open KiTTY
  2. Under Saved Sessions double-click Whatbox Proxy
  3. If all went correctly you should now see user@server ~ $

To automatically start the tunnel on Windows startup:

  1. Open your Start Menu. Find the Startup folder in All Programs
  2. Right-click on Startup and choose Open. The folder will open in Windows Explorer.
  3. Right-click in the empty space and choose New->Shortcut
  4. Hit the Browse button and navigate to where you installed KiTTY.
  5. Select kitty.exe and hit OK
  6. Click Next and enter Tunnel in the text box.
  7. Click Finish when done.
  8. Now Right-click on the Tunnel shortcut and select Properties
  9. In the Target box, add -load "Whatbox Proxy" to the end.
  10. If it looks similar to "C:\Program Files\Kitty\kitty.exe" -load "Whatbox Proxy", hit OK. You are done.

To disconnect the tunnel:

  1. Type logout
  2. Press Enter

Linux and Mac OS X

  1. Open a terminal
  2. Enter the following command: ssh -ND 8080

-N hides the output from the SSH connection. It is optional. If you wish to use the SSH connection to run commands on the server as you normally would, remove the N switch.
-D 8080 creates a dynamic port, in this case 8080, on your local computer. This is how your browser, or other software, will connect to the tunnel.

Using As a Browser Proxy


  1. Create and start your SSH tunnel
  2. Open Preferences, found either in the Edit or Tools menu
  3. Select the Advanced section and click the Network tab
  4. Under Connection click the Settings button.
  5. Select Manual proxy configuration
  6. Next to SOCKS Host enter localhost and 8080 as the port.
  7. Select SOCKS v5
  8. Click OK, then Close

The proxy will be functional at this point. It is recommended that you also set Firefox to send DNS requests over the proxy as well:

  1. Browse to about:config
  2. Click I'll be careful, I promise
  3. Type in network.proxy.socks_remote_dns and press Enter.
  4. Toggle the value to True by either double-clicking the listed row, or right-clicking and selecting Toggle.

Linux: Google Chrome and Chromium

  1. Create and start your SSH tunnel
  2. Open Preferences
  3. Select Under the Hood
  4. Next to Network click Change Proxy Settings...
  5. Select Manual Proxy Configuration
  6. Next to Socks host enter localhost and 8080 as the port.
  7. Click Close

Windows: Internet Explorer, Google Chrome, Opera, and Safari

  1. Create and start your SSH tunnel
  2. Open the Windows Control Panel
  3. Open Internet Options
  4. Select Connections
  5. Select LAN settings
  6. Check Use a proxy server for your LAN and click the Advanced button.
  7. In the boxes next to Socks: enter localhost and 8080 as the port. Leave all the other fields blank.
  8. Click OK, OK, OK

Mac OS X: Google Chrome and Safari

  1. Create and start your SSH tunnel
  2. Select System Preferences >> Network >> Advanced >> Proxies
  3. Check checkbox next to SOCKS Proxy
  4. Under SOCKS Proxy Server, enter localhost and 8080 as the port. Leave all the other fields blank.
  5. Click OK, Apply

Proxying Other Programs

In the same way that you can proxy your web browser's traffic, you can also tunnel any other program that has support for a SOCKS proxy.

For example, if you wanted to tunnel your local installation of uTorrent, you can just fill out the fields in the Connection category of the program's settings appropriately:

If the program you're using does not support native SOCKS proxies, it is possible to add support for this with tsocks.

Selectively Tunneling URLs

This is an example of a proxy.pac file:

function FindProxyForURL(url, host) {
 if (shExpMatch(url, "**")) { return "SOCKS localhost:8080"; }
 // direct for everything else
 return "DIRECT";
  1. Create a proxy.pac file which has a SOCKS line for each host you wish to proxy
  2. In your proxy settings, input the location of the proxy.pac file as your autoconfiguration URL. file:///home/username/proxy.pac
  3. You will only be able to browse urls which match a SOCKS rule when your ssh tunnel is up.