How To Set Up a SOCKS Proxy + SSH on iPhone/iPad


 

Why use a SOCKS proxy?

Using a SOCKS proxy and combining it with an SSH connection is a great way to make sure your traffic remains encrypted on your iOS device.

This is particularly useful when surfing the web at unprotected wifi access points, for example, at Starbucks, McDonald’s or at the airport. SSH will make sure that your traffic and communications remain private on your iPhone or iPad.

Another essential use is for bypassing college, company, or ISP firewalls.  SSH can be used to gain access to content that your university or enterprise does not want you to access. For example, you can enable access to games, p2p, or blocked websites.
 

SOCKS proxy on iPhone/iPad

Now let’s set up a SOCKS proxy, with SSH support, on your iOS device.

If your college, enterprise, or ISP requires an HTTP/HTTPS proxy then follow my *other* guide to setting up SOCKS + SSH over HTTP proxy on iOS.

 

iOS PAC File

  1. Download this .pac file (right-click -> save as) (courtesy of Thireus).
  2. SSH into your iPhone/iPad (or alternatively use iFile if you don’t wish to use SSH), and place the proxy.pac file in the following location:  /private/var/root/proxy.pac
  3. Make sure to set the permissions of the proxy.pac file so that root can read, write and execute the file.

 

If you are using iOS 4, or older, then you may not place the .pac file in a local location on your iPhone//iPad. Instead, you should put the .pac file somewhere publicly accessible on the internet. If you are using iOS 5 or greater, then there is no problem.

 

 Install Cydia Unix Apps

  1. Launch Cydia and download the following apps: inetutils, connect.c, automatic SSH, screen, MobileTerminal, and OpenSSH.

 

If you cannot find these apps, go to ‘Sources’ and make sure Cydia/Telesphoreo is installed. The URL to add is: http://apt.saurik.com/.

You must also make sure your Cydia User Info is set as ‘Hacker’ or ‘Developer’. Go to ‘Sources’, ‘Settings’, and choose ‘Hacker’ or ‘Developer’. Press ‘Reload’ on the main Cydia screen.

 

iOS SSH Tunnel Settings

Now that we have all of the software, we must configure the SSH tunnel correctly so that Safari and all of your other apps can properly connect to it through your SOCKS proxy.

    1. Launch MobileTerminal
    2. Press the ‘i’ icon on the right of the screen.
    3. Press ‘Shortcut Menu’, then ‘+’ at the top right of the screen.
    4. Under ‘Shortcut Action’ add your SSH tunnel command.
      Here is what I use: autossh -M 12345 -D 1080 -C -p <ssh port> -N <user>@<ssh server>.
    5. Change the command to whatever suits your needs: Insert your port, username, and server address. Enter a name in the blank box above your command. Example: “My SSH connection”.
    6. Press ‘Done’, then ‘Back’ twice. To run your SSH command, press the ‘i’ button and then press “My SSH connection”, or whatever you named it. This will run the command and thus connect to your SSH server.

 

iOS SOCKS settings

By this stage, you have a working SSH connection set up on your iPhone/iPad. Now we must configure iOS to use a SOCKS proxy, which will allow Safari and all of your apps to use the SSH connection.

  1.  Press the Home button. This will exit MobileTerminal, however it will continue to run the SSH connection in the background, so don’t worry about that!
  2. Navigate to ‘Settings’, ‘Network’, ‘Wifi’, <‘blue button’ your network>, ‘HTTP Proxy’, ‘Auto’, and enter the location of the .pac file in the ‘URL’ field. It should be: file:///private/var/root/proxy.pac
  3. This specifies your Wifi connection to use the SSH tunnel through the SOCKS proxy .pac file. This means all of your iPhone and iPad apps, including Safari, will use the SOCKS proxy with SSH.

 

Remember: You MUST do the final steps for each new Wifi connection that you use. You must go into settings and set ‘HTTP proxy’, ‘Auto’, for each wifi connection. That means if you go to Starbucks, simply connect to their Wifi access point, and then follow these last three steps. It should be simple, just copy and paste!

 
Congratulations! If you followed this guide perfectly, the operation should be complete. You should have all of your apps using a SOCKS proxy and SSH on your iPhone or iPad.

If you are having any problems, please leave a comment and I’ll try my best to help you out.

Tagged with: ,
Posted in iOS
2 comments on “How To Set Up a SOCKS Proxy + SSH on iPhone/iPad
  1. Mark says:

    Can you explain this?
    autossh -M 12345 -D 1080 -C -p -N @
    Maybe an example

    • antd says:

      autossh = ssh
      -M = Master mode
      12345 = local autossh port number (can be anything, it doesn’t matter)
      -D = local SOCKS proxy
      1080 = local SOCKS port number (must match the port you give in proxy.pac)
      -C = compression
      -p = SSH server port (22 by default)
      -N = do not send remote command

      You can use exactly that command. All that needs changing is the SSH port and IP.

Leave a Reply

Your email address will not be published. Required fields are marked *

*