Your location: Your IP: Your status:ProtectedUnprotected · To the tests »

Using SSH in the terminal (Linux)

Download SSH keys

To allow the SSH client to verify that it has connected to a Perfect Privacy server, you first need the known_hosts file containing the public keys of the servers. Download it as follows:


Starting an encrypted HTTP proxy

The most common use of SSH with Perfect Privacy is for encrypted HTTP proxies. Normally the connection to HTTP proxies is unencrypted, but with SSH this connection can be used encrypted.

Run SSH as follows:

ssh -N -oUserKnownHostsFile=perfect_privacy_known_hosts -L 5080: BENUTZERNAME@SERVER

Instead of USERNAME enter your Perfect Privacy username, instead of SERVER enter a server of your choice (in the example

The number 5080 indicates on which local port the HTTP proxy should be available. Here you can also select any other port.

After entering the Perfect Privacy password, you can use the proxy at The setup of Firefox and Chromium is explained in the SSH Manager manual.

Start an encrypted SOCKS proxy

A SOCKS proxy is very similar to the HTTP proxy in the above points. However, some applications only support one of the two methods.

To do so, start SSH as follows:

ssh -N -oUserKnownHostsFile=perfect_privacy_known_hosts -D 5081 BENUTZERNAME@SERVER

In this case, 5081 is the port on which the SOCKS proxy is to be available locally.

Tunnelling a Tor proxy over SSH

If you want to get a taste of the Tor network, you can use Perfect Privacy's Tor proxy via SSH. This allows you to access .onion addresses using your normal browser.

To use the Tor proxy, start the SSH connection as follows:

ssh -N -oUserKnownHostsFile=perfect_privacy_known_hosts -L 5083: BENUTZERNAME@SERVER

If you are using Tor for security and anonymity reasons, we strongly recommend that you do not use your normal browser and use the Tor Browser Bundle instead.

General port forwarding

The use of SSH with Perfect Privacy is not limited to HTTP, SOCKS and Tor proxies. You can tunnel the connection to any other service through SSH and hide your IP address from service providers.

In this example, we route the connection to the (fictitious) SMTP server on port 25 through the SSH tunnel and make this service available locally on port 5082:

ssh -N -oUserKnownHostsFile=perfect_privacy_known_hosts -L BENUTZERNAME@SERVER

This website uses cookies to analyze the traffic and to control our advertising. By using this site, you agree to the use of cookies. More information can be found in our privacy policy.