Proxing Web Traffic across a SSH Tunnel using SSH Dynamic Port Forwarding

SSH port forwarding (or tunneling) re-routes TCP/IP connections through an established SSH connection. Being encapsulated within SSH provides security benefits along with the ability to route traffic through firewalls using just port 22 (SSH).

In this example we will proxy our web traffic via our remote server across an established SSH connection.
This is achieved by using Dynamic Port Forwarding on our localhost.

Dynamic port forwarding allows an ssh client to run a SOCKS proxy on localhost, which allows the forwarding of any port to any internet server through the remote ssh server. It looks a bit like this:

  1. Client machine sends a HTTP request to the localhost SOCKS proxy (SSH Client).
  2. The SSH Client then forwards the request to the remote SSH host.
  3. The Remote SSH host forwards request to the appropriate server.


This example is based on our web browser being Firefox on a Windows based system. We will also being using putty as the SSH Client on our localhost.


  1. On your client run the command within your command prompt - putty -D 8080 [remote server ip]
  2. Configure you Firefox Proxy settings. Go into "Tools | Options | Network | Setting". And configure it as per below.

       3. Goto the site and confirm that your connection is working via your Remote Server.