SSH Tunnel Setup for Linux

Complete guide to configuring SSH tunneling on Linux using Terminal

📋 Before You Begin

Ensure you have your username and SSH password ready. You'll need your SSH server hostname (provided via email when you requested SSH access), username, and password to connect to our secure SSH proxy servers.

Important: All SSH proxy servers are under the cotse.net domain. The codamail.com domain is exclusively for email services. SSH access must be requested separately from your email account.

📦 Step 1: SSH Client Installation

Most Linux distributions include SSH by default. If not installed, use your distribution's package manager:

🎩 Red Hat/Fedora/CentOS:

sudo dnf install openssh-clients

🐧 Ubuntu/Debian:

sudo apt update && sudo apt install openssh-client

🦎 openSUSE:

sudo zypper install openssh

🏹 Arch Linux:

sudo pacman -S openssh

Accessing Terminal:

Keyboard shortcut: Ctrl + Alt + T (most distributions)

Applications menu: Look for "Terminal", "Console", or "Command Line"

Activities/Dash: Search for "terminal"

🔐 Step 2: Choose Your SSH Tunnel Command

Select one of the following commands based on your preferred filtering level. Replace youraccount with your username and yourassignedsshserver with your server hostname:

🔧 Port 8888 - Unfiltered (Recommended)

ssh -L 5000:127.0.0.1:8888 youraccount@yourassignedsshserver

Best for: Advanced users who want speed and control. You handle your own filtering, with basic header changes for privacy protection.

🛡️ Port 8080 - Filtered (Maximum Privacy)

ssh -L 5000:127.0.0.1:8080 youraccount@yourassignedsshserver

Best for: Users wanting maximum privacy. Routes through Privoxy for enhanced safety, but may be slower.

⚡ Port 9999 - Pass-through (Fastest)

ssh -L 5000:127.0.0.1:9999 youraccount@yourassignedsshserver

Best for: Users needing minimal interference. Only changes your IP address, no other modifications. Fastest option.

🚀 Step 3: Establish SSH Connection

First Connection:

Paste your chosen command into Terminal and press Enter

On first connection, you'll see a host key verification prompt:

The authenticity of host 'express1.cotse.net (67.159.26.65)' can't be established.
ECDSA key fingerprint is SHA256:example_fingerprint_here.
Are you sure you want to continue connecting (yes/no/[fingerprint])?

Type yes and press Enter to accept the server key

Enter your password when prompted (typing will not be visible)

Keep the Terminal window open - this maintains your tunnel

Connection Success: Once connected, you'll see a shell prompt or the connection will appear to "hang" - this is normal and means your tunnel is active.

🌐 Browser Configuration

Firefox Configuration (Recommended):

Open Firefox

Click menu (☰) → Settings

Scroll to Network Settings and click Settings

Select Manual proxy configuration

In HTTP Proxy enter: 127.0.0.1

In Port enter: 5000

Select Use proxy server for all protocols

Click OK

Chromium/Chrome Configuration:

Launch Chrome/Chromium with proxy settings:

google-chrome --proxy-server="http://127.0.0.1:5000"

chromium-browser --proxy-server="http://127.0.0.1:5000"

Alternatively, use system proxy settings through your DE's network configuration

System-Wide Proxy (GNOME):

Settings → Network → Network Proxy

Select Manual

HTTP Proxy: 127.0.0.1, Port: 5000

Apply system-wide

System-Wide Proxy (KDE):

System Settings → Network → Proxy

Select Manually specify proxy settings

HTTP proxy: 127.0.0.1:5000

Apply settings

🐧 Linux-Specific Features

Background Connection Management:

Background Process: Use nohup or screen:

nohup ssh -L 5000:127.0.0.1:8888 youraccount@yourassignedsshserver &

screen -S ssh_tunnel ssh -L 5000:127.0.0.1:8888 youraccount@yourassignedsshserver

Systemd Service: Create a service file for automatic startup

Cron Job: Automatic reconnection on system reboot

SSH Configuration File:

Create ~/.ssh/config for permanent settings:

Host cotse-tunnel
    Hostname yourassignedsshserver
    User youraccount
    LocalForward 5000 127.0.0.1:8888
    ServerAliveInterval 60

Then connect with: ssh cotse-tunnel

Network Manager Integration:

Some Linux distributions can integrate SSH tunnels with NetworkManager

Check for SSH VPN plugins in your distribution's repository

Consider GUI SSH managers like Remmina or PAC Manager

🔧 Troubleshooting

Common Linux-specific issues and solutions:

Permission Denied: Check SSH client is installed, verify credentials

Connection Refused: Verify SSH server hostname is correct

Host Key Verification Failed: Remove old key: ssh-keygen -R hostname

Port Already in Use: Kill existing process: sudo netstat -tulpn | grep :5000

Broken Pipe: Connection dropped, restart SSH command

Slow Performance: Try port 9999 for fastest speed

Distribution-Specific Issues:

SELinux (RHEL/CentOS): May block SSH tunneling, check with sealert -a /var/log/audit/audit.log

AppArmor (Ubuntu): SSH profile may restrict tunneling

Firewall (UFW/iptables): Ensure local ports are not blocked

Network Manager: May interfere with DNS settings

Process Management:

List SSH processes: ps aux | grep ssh

Kill SSH tunnel: pkill -f "ssh -L"

Monitor connection: netstat -an | grep 5000

📞 Need Help?

If you need additional assistance with SSH tunnel setup on Linux or encounter any issues not covered in this guide, please contact our support team at helpdesk@codamail.com.

We're here to help ensure your SSH tunnel works perfectly and keeps your Linux system browsing secure and private.