So we have to make it through. First, the Chrome browser does support the common proxy way — Http proxy. And then, if we can “translate” the socket connection into the http connection, then it works!

The solution is to set up a http proxy in our localhost and let it do the job to help those App. to talk to the remote socket proxy. Then comes to the next tool we need, the Privoxy. Yep, we always use this software to help our Tor proxy services smarter. So we can also do it in this way:

Find the configure file of Privoxy : /etc/privoxy/config (in Ubuntu)
And add this line at the end of the file:

forward-socks5 / 127.0.0.1:7070 .

(don’t miss the “.” at the end of line, that make this route complete)

Easy to see that all the date transfer through the 7070 port will “translate” into the SSH socket 5 proxy service
Save and exit.

Restart the Privoxy :

sudo /etc/init.d/privoxy restart

(in Ubuntu)

And finished…. All you have to do next is to set up your browser’s proxy as http proxy: 127.0.0.1:7070

And BTW, the DNS pollution problem is still needed to be considered.

SSH stands for “security Shell”, that’s to say it provides a security access to OS via a “SHELL” like interface. So before you wanna play SSH trick, you have to own a host as the remote host. Then we can use ssh to access our host safely and manage the machine just like you are in front of it(normally in TEXT mode, of course ). But there is another way to use SSH tool, let it make a “tunnel” for our applications in local host. That means our applications like browsers can connect to the remote host via encrypted messages and the remote host will help them communicate with the destination sites. The result is that our communications become safer and the GFW can’t block us anymore~

Let’s go to own a host first. Be careful, not all the host or VPS provide SSH access. Make sure you are going to own a host with SSH function! My friend tell me that host-blaster.com provide free VPS with SSH access, so I visited it and registered a VPS.

Then the second step is to make SSH to dig a tunnel for us.
Input such like command in our local shell terminal:

ssh -qTfnN -D 7070 yourname@yourname.host-blaster.com

Maybe you use the ssh command before, but those parameters would make you puzzled. Let’s make them clean first.

-q:    Quiet mode.  Causes most warning and diagnostic messages to be
suppressed.  Only fatal errors are displayed.  If a second -q is
given then even fatal errors are suppressed, except for those
produced due solely to bad arguments.

-T      Disable pseudo-tty allocation.

-f      Requests ssh to go to background just before command execution.
This is useful if ssh is going to ask for passwords or
passphrases, but the user wants it in the background.  This
implies -n.  The recommended way to start X11 programs at a
remote site is with something like ssh -f host xterm.

-n      Redirects stdin from /dev/null (actually, prevents reading from
stdin).  This must be used when ssh is run in the background.  A
common trick is to use this to run X11 programs on a remote
machine.  For example, ssh -n shadows.cs.hut.fi emacs & will
start an emacs on shadows.cs.hut.fi, and the X11 connection will
be automatically forwarded over an encrypted channel.  The ssh
program will be put in the background.  (This does not work if
ssh needs to ask for a password or passphrase; see also the -f
option.)

-N      Do not execute a remote command.  This is useful for just for‐
warding ports (protocol version 2 only).

-D [bind_address:]port
Specifies a local “dynamic” application-level port forwarding.
This works by allocating a socket to listen to port on the local
side, optionally bound to the specified bind_address.  Whenever a
connection is made to this port, the connection is forwarded over
the secure channel, and the application protocol is then used to
determine where to connect to from the remote machine.

After that, we have cleaned that mass, this command tell SSH to work in the background and served at 7070 port.

So we go to the final step, make our application work via SSH “tunnel” we made just now.

For example, we browse web with Firefox, that all we have to do is to set our proxy setting of FF use the SSH. Then we set the socket proxy setting as

IP: 127.0.0.1(you can use loaclhost too) port: 7070  and click the socket 5 option.

BTW, if the GFW block the sites by DNS pollution, you have to active the FF to use remote dns. Type about:config to active the network.proxy.socks_remote_dns option.

That’s all, happy SSH life