22

In order to create a VPN, I open an SSH tunnel with a command like ssh -D 9000 user@host, and then I set my system's proxy settings to use SOCKS5 through localhost:9000. Well, setting up my home server with OpenSSH was easy enough, so I'm able to do this now and keep myself secure. But then I wondered, why not just host as a SOCKS server instead, and bypass the need to run the ssh command?

Is SOCKS an insecure protocol? Does this situation not make sense at all, or is it actually a good idea to set up my server as SOCKS instead of SSH'ing and creating a local SOCKS server? (I'm probably completely misunderstanding the role that SOCKS plays in the whole scheme, so please correct me)

Flux
Ricket
  • Plain SOCKS (not many SOCKS clients can wrap it in TLS) is unencrypted and, depending on the authentication used, even authorized anonymously or in plaintext. However, if you speak it only on localhost, that might be less of an issue at all. – eckes Mar 02 '19 at 01:01

1 Answer

28

SOCKS itself does nothing to protect your data. It simply allows you to proxy your connections through another connection.

The SSH connection from your local computer to the SSH server is what is giving you the security, because all traffic that goes through that connection (including your SOCKS traffic) is encrypted.

So, any traffic going between the client (e.g., a web browser) and the SOCKS proxy is not encrypted. Any traffic between the SOCKS proxy and the SSH server is encrypted. Any traffic coming out the other side of the SOCKS tunnel is not encrypted. Since you are establishing the SOCKS proxy on localhost, that first unencrypted part (between your browser and the proxy) is completely internal to your computer, so it doesn't matter that it is unencrypted.

pkaeding
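To make the answer's point concrete, here is an added example (not part of the original answer) that builds the bytes a SOCKS5 client sends per RFC 1928 and RFC 1929, then reads the credentials and destination straight back out of them, which is what anyone on the path could do if the SOCKS server were exposed directly instead of behind the SSH tunnel. The function names `client_stream` and `observe` and the sample username, password and hosts are constructed for illustration.

```python
import ipaddress
import struct


def client_stream(user, password, host, port):
    """Constructed sample: the bytes a SOCKS5 client sends (RFC 1928 / RFC 1929)."""
    u, p, h = user.encode(), password.encode(), host.encode()
    greeting = b"\x05\x01\x02"  # version 5, one method offered: 0x02 username/password
    auth = b"\x01" + bytes([len(u)]) + u + bytes([len(p)]) + p
    connect = b"\x05\x01\x00\x03" + bytes([len(h)]) + h + struct.pack("!H", port)
    return greeting + auth + connect


def observe(stream):
    """Return what an on-path observer reads from an unwrapped SOCKS5 client stream."""
    if len(stream) < 3 or stream[0] != 5:
        raise ValueError("not a SOCKS5 greeting")
    methods = stream[2:2 + stream[1]]
    pos = 2 + stream[1]
    seen = {"user": None, "password": None}
    if methods == b"\x02":  # only username/password offered, so that is what follows
        ulen = stream[pos + 1]  # stream[pos] is the sub-negotiation version (0x01)
        seen["user"] = stream[pos + 2:pos + 2 + ulen].decode()
        pos += 2 + ulen
        plen = stream[pos]
        seen["password"] = stream[pos + 1:pos + 1 + plen].decode()
        pos += 1 + plen
    elif methods != b"\x00":  # several methods offered: the choice is in the server reply
        raise ValueError("method choice depends on the server reply")
    _ver, _cmd, _rsv, atyp = stream[pos:pos + 4]  # request header, all cleartext
    pos += 4
    if atyp == 3:  # domain name, length-prefixed
        alen = stream[pos]
        host = stream[pos + 1:pos + 1 + alen].decode()
        pos += 1 + alen
    elif atyp in (1, 4):  # raw IPv4 / IPv6 address
        alen = 4 if atyp == 1 else 16
        host = str(ipaddress.ip_address(stream[pos:pos + alen]))
        pos += alen
    else:
        raise ValueError("unknown address type")
    seen["dest"] = (host, struct.unpack("!H", stream[pos:pos + 2])[0])
    return seen


if __name__ == "__main__":
    # Constructed credentials and destination, recovered with no key material at all.
    print(observe(client_stream("alice", "s3cret", "example.org", 443)))
```

With `ssh -D 9000 user@host`, these same bytes only ever cross the loopback interface; on the network they travel inside the encrypted SSH channel.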