1. Socks Proxy Software

Once installed, Dante can in most cases be made transparent to clients, providing. The Dante SOCKS server interoperates with many popular network.

A sock cat. A small pun intended.

Buy me a coffee

Socks Proxy Software

Become a Patron

This is an article on how to set up your SOCKS5 server up and running in 10-15 minutes on your personal VDS on Digital Ocean in 4 easy steps. It assumes that you are a professional PC user and by no means a professional system administrator.

Also, you will be able to create as many proxy logins and passwords for your friends and family as you want.

I basically assume that your knowledge and background is more or less similar to mine, when I just started learning about Linux.

Why make your own proxy-server?

• It's a opportunity and a good reason to learn new stuff (and boast to your girlfriend?);
• There are lists of free proxies and even people who provide such proxies for free. But you can never be sure if they continue to maintain their services / whether their intentions are pure;
  
• If required, you can always extend it to provide VPN or other services;
  
• You will not depend on the providers mentioned above in case anything happens to them;
• If you share access with your friends and family - it will become extremely cheap as well (basically US$5 per month / number of people, i.e. US$2.5 per person for 2 people, US$1 per person for 5 people, etc);

Introduction

There has been a lot of controversy recently regarding the government censorship of the Internet, especially in the CIS region. I will not focus on this, but I will just say that in the modern world it is becoming increasingly difficult to maintain access to the best sources of media / information / entertainment and have your own position not influenced by politics / corporate agenda and other external influences.

In any case, if for some reason you want to use any kind of VPN / proxy service, ultimately you have 3 choices:

1. Use easily available tools (before writing this article I knew about simple ssh tunneling with Putty, but apparently you can use ssh for socks proxy as well);
2. Use a B2C service, where you just enter your credentials (and your credit card credentials). Usually such services are more expensive. If not - then they are not free, your data is being sold;
3. A solution somewhere in the middle, where the majority of software and tools you use are open / free / non-proprietary (I am using these terms loosely, a difference between free and open software is a known reason for disputes);

Usually solutions under (1) are handy hacks, that either require some fiddling all the time (you cannot just set them up and forget) or are not cross-platform. Option 2 may not work for your particular setup / be expensive (e.g. browser VPN service costs as much as VDS rent, but a VDS can be shared among 5-10 people easily) / be too 'marketing' heavy / be not flexible in the long-term. If you can easily set-up option 3, then usually you can just forget about it.

In a nutshell - any sort of proxy-like service works like this. Your client accesses a web page via another machine that serves as a proxy

A couple of notes before we start:

• I have chosen Digital Ocean (DO) as a hosting provider for my proxy VDS, mainly because they have stellar support, APIs, product and services (and I already have a couple of droplets there. Where do you think this blog is hosted?);
• If you do not want to get deep in the admin stuff, DO does the following for you (usually this is enough):
• Assign ssh keys to new droplets;
• Creates snapshots;
• Create new droplets in 1 click;
• I have borrowed heavily from these online manuals. Kudos to the guys behind them!
• (essentially this guide is a mixture of the three above + how to generate your keys and create droplets in Digital Ocean);
  
• I have chosen only open-source software and I assume that you will also be using Ubuntu 16.04;
• I will provide more guidance to Windows users, usually blogs like the above ones assume that you have a Linux server hanging around;
• If you use my referral link, you will get US$10 in Digital Ocean, so for the first 2 months you will essentially be using your own proxy for free (you can share it with a reasonable number of people, like your family and friends);

So, once again in caps, USE MY LINK, AND PROXY WILL BE ESSENTIALLY FREE FOR 2 MONTHS FOR YOUR FRIENDS AND FAMILY AND YOU WILL LEARN STUFF =)

So, let's start!

It is as easy as:

• Follow my link;
• Create and account and add your billing information;
• Select the cheapest option as described below (do not be afraid to mess up - you are billed per hour, so no worries there);

Just create a droplet. Menus may vary in future, but it's easy to navigate

Select Ubuntu 16.04 - I tested it on this system

Choose the cheapest option. Providers like Vulture or Hetzner are cheaper (basically you can find noname VDS for as low as US$1-2 per month), but DO has superior service2nd puc textbooks karnataka pdf merge.

Choose the region which is closest to you

WAIT, but you may notice, that you do not have an ssh key in your account. If so, read a little bit about ssh keys (here and here) and let's proceed to step 2.

If you are a Windows user - do not be afraid, I will tell you how to easily work with SSH keys on Windows as well.

A proper way to access your VDS from your PC / notebook

Well, if you are Linux / Mac user - probably you already know how to generate ssh key pairs and how to use them. In this case, just upload your private ssh key to digital ocean, and proceed next.

Also - adding 2FA authentication will not harm (you can just use google authentication app for that).

This menu is hidden inside of Settings -> Security tab

Uploading your ssh key is as easy as copy-pasting your public key and adding a tag

There is a twist - DO expects the format of your key to be like a key generated by linux ssh keygen. It generally looks like this

Now, this part will be interesting for Windows users.

I personally use Putty and PuttyGen for ssh access and key pair generation. You will need both Putty and PuttyGen. If you do not know about ssh, it's the basic method of controlling Linux servers, you can read about it here. If you are windows user, then ssh prompt is the same thing you get when you run cmd.exe in Windows.

Do not be afraid of it - actually it's very simple and easy!

But if you generate a key pair with PuttyGen, your public key will look differently, something like this, which does not work with Ubuntu.

The easiest way to ensure that your key pair works with DO is the following set of steps:

1. Create a key using a Linux utility as described here. You will use the public key from here in DO;
2. Save the newly created public and private key somewhere on your PC / notebook;
3. Load the private key in PuttyGen via Conversions -> Import key;
4. Then press 'save private key' - you will use this key with Putty later;

Converting key in PuttyGen. Also note the 'Save private key' button

Wait, but if you have not access to Linux console? You can generate a key pair using one of the below options:

1. Create a droplet with DO, reset root password (see image below), access it via online console. Create a key pair there, and use 'cat' to diplay it;
2. Create a droplet with DO, reset root password (see image below), access it via Putty using login and password;
3. In both cases - it will be easier just to create a new droplet afterwards with a proper key already installed (or you can learn to install ssh keys as well);

Sometimes copying data from online terminals may be an issue.

This menu in DO allows you to reset root password and / or launch online terminal

Finally to access your Droplet with Putty using your key, you have to:

1. Create a new connection in Putty;
2. Type in your host name / IP address and port (by default it is 22);
3. Type in the name for your preset and press 'save';
4. Go to data -> Auto-login username and input root:
5. Go to data -> SSH -> Auth and select a private key that you have saved with PuttyGen;
6. Do not forget to go back to session -> save after doing all the settings;
   

Do not forget to go back to session -> save after doing all the settings

Now I assume that you have your VDS and your ssh terminal with root access ready. Nice!

Also remember, if you break anything, you can just delete your droplet and start again. Also when your are finished, you can use snapshots to save your progress.

Creating a snapshot in DO

So, basically the whole list of set up commands looks like this, but we will go line by line and explain what does what.

Usually it is a good idea to update your linux packages to make sure that you are up-to-date. Anyway on a fresh droplets it's standard practice.

This bit basically downloads the source of the program used for socks5 proxy and just installs it from source. Refer to the original blog post for more details.

Now for the config. Note that I used a config from a different blog post because I wanted to install from source (because this package is not really popular, I would not rely on somebody uploading it to Ubuntu ppa), but I would like to have a password based authentication.

Also note that after running /home/dante/sbin/sockd -f /home/dante/danted.conf you will have to press ctr+C to stop the program. The next command runs it as a daemon.

This bit creates a user for your socks5 server. You need to remember these credentials and use them in your client later. A linux prompt will ask for password.

Then you need to install and enable ufw as a basic firewall. Note that enabling ufw before you allow ssh may be a very bad idea.

Now you need to make sure that the daemon starts on reboot. Some time ago I found a nice template for crontab, which I use for such cases. Note that after crontab -e a text editor will open and you will need to copy the below cron config into the file. You can test that cron works via uncommenting the commented line below.

Now let's create a user and a password and try it with a client that supports SOCKS5 proxies, like Telegram.

Hostname is your droplet's IP address. Port is from dante config. Login and password are chosen by you.

Well, if you are a Windows user, then it looks like that all the browsers in 2018 mostly use own Window's proxy settings. But sadly they do not contain login and password field for SOCKS proxies =(

One of the guides above contains a conf file for a proxy without a password, but I would not risk it, because bot scanners will quickly add your proxy to a free proxy list (it usually happens within hours).

If you know how to bypass it - please write in comments below. Ofc, there is an obvious idea - allow traffic only from one IP address via ufw, but this is not what I wanted to achieve in the first place.

Best cars for tall drivers.

Buy me a coffee

Become a Patron

Hi team,
I have installed and configured the Dante socks server on Centos7 64bit server machine. configuration file as is below
#less /etc/sockd.conf
logoutput: /var/log/sockd.log
internal: 10.10.0.125 port = 1080
external: ens456
user.notprivileged: socks
clientmethod: none
socksmethod: none
client pass {
from: 10.10.0.0/24 to: 0.0.0.0/0
log: error # connect disconnect
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
command: bind connect udpassociate
log: error # connect disconnect iooperation
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
command: bindreply udpreply
log: error # connect disconnect iooperation
}
It failed to start with below lines.
]# systemctl status -l sockd
sockd.service - SYSV: Dante Socks v4/v5 servers
Loaded: loaded (/etc/rc.d/init.d/sockd)
Active: failed (Result: exit-code) since Mon 2015-12-07 16:42:04 PKT; 4s ago
Process: 3026 ExecStart=/etc/rc.d/init.d/sockd start (code=exited, status=1/FAILURE)
Dec 07 16:42:04 localhost sockd[3026]: /etc/rc.d/init.d/sockd: line 18: [: =: unary operator expected
Dec 07 16:42:04 localhost sockd[3026]: Starting Dante Socks server (sockd): [FAILED]
Dec 07 16:42:04 localhost systemd[1]: sockd.service: control process exited, code=exited status=1
Dec 07 16:42:04 localhost systemd[1]: Failed to start SYSV: Dante Socks v4/v5 servers.
Dec 07 16:42:04 localhost systemd[1]: Unit sockd.service entered failed state.
How to fix it?