ssh tunnel and change IP
I create my tunnel in my laptop via:
ssh -p 22 -CfND 7777 mohsen@myserver
After input my password, connection is established.
And via socks5 in firefox I use
127.0.0.1:7777 and I can browse many filtered sites.
But google or some site understand that I use tunnel, How can i configure my ssh server to tell google or another site that I am not fake?
It’s not about the SSH server but about the SOCKS5 client: Firefox.
When Firefox performs the DNS lookup, any DNS server (such as Google’s) able to do Geolocalization through DNS will issue a DNS answer tailored for the client‘s (or its NAT router’s …) actual IP address, not for the SOCKS5’s server IP address. Or also if the client is set to use a recursive DNS server (eg: ISP’s) for resolution that performs filtering at the DNS level, this DNS server might directly filter the request without letting the client receive the actual address that the final DNS server would have provided.
By default Firefox will continue to perform its own DNS resolution whether using a SOCKS5 proxy or not, or at least that’s the default for Firefox 115 ESR where false appears as the default (not bold) and true as a changed parameter (bold) for
The documentation about
This preference controls whether DNS lookups for SOCKS v5 clients
happen on the client or on the proxy server.
Possible values and their
Have the proxy server perform DNS lookups.
Perform DNS lookups on the client.
go to Firefox’s settings in advanced configuration preferences (reachable with the special Firefox URL
about:configwithout anything else)
input in the parameter search
toggle it from
Because the OpenSSH SOCKS5 implementation supports only TCP and not UDP, one should also verify (tcpdump on client system) or ensure (firewalling on client system) that the client (Firefox, Chromium etc.) won’t use QUIC or HTTP/3 over UDP without the SOCKS5 proxy if UDP SOCKS5 attempts fail and thus "leak" the actual position, though I doubt this would happen.