Access US Only Websites from Outside the USA with a SOCKS Proxy & SSH Tunnel

Nov 29, 2011 - 7 Comments

Setup and use a SOCKS Proxy in Mac OS X

A wide variety of websites and online services are region restricted to the USA: Hulu, Netflix, Pandora, annual credit reports, some banks, the list is significant. Region restrictions are generally something you don’t notice until you need to access a website from outside the USA, and then they’re a huge pain. We’ll show you how to get around region restrictions securely by using a SOCKS proxy and SSH tunnel.

Before getting started, you’ll need:

  • A US-based web hosting or shell provider that allows SSH access, including a username and the remote machines IP
  • Basic understanding and comfort with the command line

This walkthrough is aimed at Mac OS X, but you should be able to configure things much the same with iOS, Android, and Windows too.

How to Set up an SSH Tunnel and SOCKS Proxy in Mac OS X

Assuming you have a US host squared away, let’s begin:

  • Go to the Applications folder, then to Utilities, then launch the Terminal and use the following syntax to set up the SOCKS proxy:
  • ssh -D port_number user@remote_host_ip

  • For example, if your username is AJ and the remote host IP is 75.75.75.75, and you want to setup a proxy on port 2012, the syntax would be:
  • ssh -D 2012 AJ@75.75.75.75

  • Login as usual and maintain the shell connection for as long as you intend to use the proxy, if you’re concerned about remote host timeouts just ping localhost or another ip
  • Now go to the  Apple menu and open “System Preferences”
  • Click on “Network” and then click on “Advanced” in the lower right corner
  • Click on the “Proxies” tab and click the checkbox next to “SOCKS Proxy” from the protocol menu
  • Fill in the SOCKS Proxy server as 127.0.0.1 and provide the port from earlier, in this case 2012
  • Click “OK”

Now launch a web browser and double-check the external IP address to confirm with a website like whatismyip.org or by running the following at the command line:

curl whatismyip.org

Your IP should now register as the remote US-based host you tunneling through, and you are free to view US region restricted content.

Side note: in some cases, specifically with websites that redirect based on region, you just need to find the proper URL and you don’t need to tunnel at all. A very useful example is stopping Google.com redirecting to another region by using their NCR site, but there are other search engines and websites that have similar alternate URLs.

Enjoy this tip? Subscribe to the OSXDaily newsletter to get more of our great Apple tips, tricks, and important news delivered to your inbox! Enter your email address below:

Related articles:

Posted by: AJ in Command Line, Mac OS X, Tips & Tricks

7 Comments

» Comments RSS Feed

  1. Yuri says:

    Use -f to send it into the background, and -N for added security:

    ssh -f user@remote-ip -L 1080:remote-ip:80 -N

    That way you are also sending the local port to remote port with full encryption. PS: 1080 is a standard proxy port.

  2. Scott H says:

    Why bother modifying system preferences when you can set individual browsers to use the proxy?

    FIREFOX: about:config

    CHROME: chrome://settings/browser

    Set the socks proxy & port, whole thing stays just in that browser rather than system wide.

  3. Brad Zimmerman says:

    I’m not being sarcastic when I say that I’ve known about this for at least 15 years …but it does little good without a solid shell provider. Any recommendations?

  4. Terminal and iTerm has no proxy support.
    How you get the right external ip with the curl command?

  5. William says:

    Now I just need a way to trick BBC.co.uk into letting an American watch Dr. Who from their website.

  6. Kyleandrew says:

    Anchorfree’s Expat Shield has free and low cost version

Leave a Reply

 

Shop for Apple & Mac Deals on Amazon.com

Subscribe to OSXDaily

Subscribe to RSS Subscribe to Twitter Feed Follow on Facebook Subscribe to eMail Updates