Using SSH in the terminal (Linux)

All functions of the SSH Manager can of course also be set up manually in the terminal. For this you don't even need a graphical user interface. With SSH you can establish encrypted connections to actually unencrypted services even without VPN. This is most often used for encrypted HTTP and SOCKS proxies. This can be used to encrypt the traffic of individual applications, such as browsers or games, while - unlike VPN - all other applications remain untouched.

The OpenSSH client is pre-installed on most systems. If this is not the case, please install SSH first:

sudo apt-get install ssh

Download known_hosts with wget in the terminal | Using SSH in the terminal (Linux)

Download SSH keys

To allow the SSH client to verify that it has connected to a Perfect Privacy server, you first need the known_hosts file containing the public keys of the servers. Download it as follows:

wget https://www.perfect-privacy.com/downloads/perfect_privacy_known_hosts

Using SSH in the terminal to provide an HTTP proxy | Using SSH in the terminal (Linux)

Starting an encrypted HTTP proxy

The most common use of SSH with Perfect Privacy is for encrypted HTTP proxies. Normally the connection to HTTP proxies is unencrypted, but with SSH this connection can be used encrypted.

Run SSH as follows:

ssh -N -oUserKnownHostsFile=perfect_privacy_known_hosts -L 5080:127.0.0.1:3128 BENUTZERNAME@SERVER

Instead of USERNAME enter your Perfect Privacy username, instead of SERVER enter a server of your choice (in the example frankfurt.perfect-privacy.com).

The number 5080 indicates on which local port the HTTP proxy should be available. Here you can also select any other port.

After entering the Perfect Privacy password, you can use the proxy at 127.0.0.1:5080. The setup of Firefox and Chromium is explained in the SSH Manager manual.

Using SSH in the terminal to provide a SOCKS proxy | Using SSH in the terminal (Linux)

Start an encrypted SOCKS proxy

A SOCKS proxy is very similar to the HTTP proxy in the above points. However, some applications only support one of the two methods.

To do so, start SSH as follows:

ssh -N -oUserKnownHostsFile=perfect_privacy_known_hosts -D 5081 BENUTZERNAME@SERVER

In this case, 5081 is the port on which the SOCKS proxy is to be available locally.

Using SSH in the terminal to provide a Tor proxy | Using SSH in the terminal (Linux)

Tunnelling a Tor proxy over SSH

If you want to get a taste of the Tor network, you can use Perfect Privacy's Tor proxy via SSH. This allows you to access .onion addresses using your normal browser.

To use the Tor proxy, start the SSH connection as follows:

ssh -N -oUserKnownHostsFile=perfect_privacy_known_hosts -L 5083:127.0.0.1:9050 BENUTZERNAME@SERVER

If you are using Tor for security and anonymity reasons, we strongly recommend that you do not use your normal browser and use the Tor Browser Bundle instead.

Forward a port with SSH in the terminal | Using SSH in the terminal (Linux)

General port forwarding

The use of SSH with Perfect Privacy is not limited to HTTP, SOCKS and Tor proxies. You can tunnel the connection to any other service through SSH and hide your IP address from service providers.

In this example, we route the connection to the (fictitious) SMTP server mail.example.com on port 25 through the SSH tunnel and make this service available locally on port 5082:

ssh -N -oUserKnownHostsFile=perfect_privacy_known_hosts -L 5082:mail.example.com:25 BENUTZERNAME@SERVER