SSH Tunnel Setup for Linux

Complete guide to configuring SSH tunneling on Linux using Terminal

📋 Before You Begin

Ensure you have your username and SSH password ready. You'll need your SSH server hostname (provided via email when you requested SSH access), username, and password to connect to our secure SSH proxy servers.

Important: All SSH proxy servers are under the cotse.net domain. The codamail.com domain is exclusively for email services. SSH access must be requested separately from your email account.

📦 Step 1: SSH Client Installation

Most Linux distributions include SSH by default. If not installed, use your distribution's package manager:

🎩 Red Hat/Fedora/CentOS:

sudo dnf install openssh-clients

🐧 Ubuntu/Debian:

sudo apt update && sudo apt install openssh-client

🦎 openSUSE:

sudo zypper install openssh

🏹 Arch Linux:

sudo pacman -S openssh

Accessing Terminal:

Keyboard shortcut: Ctrl + Alt + T (most distributions)
Applications menu: Look for "Terminal", "Console", or "Command Line"
Activities/Dash: Search for "terminal"

🔐 Step 2: Choose Your SSH Tunnel Command

Select one of the following commands based on your preferred filtering level. Replace youraccount with your username and yourassignedsshserver with your server hostname:

🔧 Port 8888 - Unfiltered (Recommended)

ssh -L 5000:127.0.0.1:8888 youraccount@yourassignedsshserver

Best for: Advanced users who want speed and control. You handle your own filtering, with basic header changes for privacy protection.

🛡️ Port 8080 - Filtered (Maximum Privacy)

ssh -L 5000:127.0.0.1:8080 youraccount@yourassignedsshserver

Best for: Users wanting maximum privacy. Routes through Privoxy for enhanced safety, but may be slower.

⚡ Port 9999 - Pass-through (Fastest)

ssh -L 5000:127.0.0.1:9999 youraccount@yourassignedsshserver

Best for: Users needing minimal interference. Only changes your IP address, no other modifications. Fastest option.

🚀 Step 3: Establish SSH Connection

First Connection:

Paste your chosen command into Terminal and press Enter
On first connection, you'll see a host key verification prompt:
The authenticity of host 'express1.cotse.net (67.159.26.65)' can't be established.
ECDSA key fingerprint is SHA256:example_fingerprint_here.
Are you sure you want to continue connecting (yes/no/[fingerprint])?
Type yes and press Enter to accept the server key
Enter your password when prompted (typing will not be visible)
Keep the Terminal window open - this maintains your tunnel

Connection Success: Once connected, you'll see a shell prompt or the connection will appear to "hang" - this is normal and means your tunnel is active.

🌐 Browser Configuration

Firefox Configuration (Recommended):

Open Firefox
Click menu (☰) → Settings
Scroll to Network Settings and click Settings
Select Manual proxy configuration
In HTTP Proxy enter: 127.0.0.1
In Port enter: 5000
Select Use proxy server for all protocols
Click OK

Chromium/Chrome Configuration:

Launch Chrome/Chromium with proxy settings:
google-chrome --proxy-server="http://127.0.0.1:5000"
or
chromium-browser --proxy-server="http://127.0.0.1:5000"
Alternatively, use system proxy settings through your DE's network configuration

System-Wide Proxy (GNOME):

Settings → Network → Network Proxy
Select Manual
HTTP Proxy: 127.0.0.1, Port: 5000
Apply system-wide

System-Wide Proxy (KDE):

System Settings → Network → Proxy
Select Manually specify proxy settings
HTTP proxy: 127.0.0.1:5000
Apply settings

🐧 Linux-Specific Features

Background Connection Management:

Background Process: Use nohup or screen:
nohup ssh -L 5000:127.0.0.1:8888 youraccount@yourassignedsshserver &
screen -S ssh_tunnel ssh -L 5000:127.0.0.1:8888 youraccount@yourassignedsshserver
Systemd Service: Create a service file for automatic startup
Cron Job: Automatic reconnection on system reboot

SSH Configuration File:

Create ~/.ssh/config for permanent settings:
Host cotse-tunnel
    Hostname yourassignedsshserver
    User youraccount
    LocalForward 5000 127.0.0.1:8888
    ServerAliveInterval 60
Then connect with: ssh cotse-tunnel

Network Manager Integration:

Some Linux distributions can integrate SSH tunnels with NetworkManager
Check for SSH VPN plugins in your distribution's repository
Consider GUI SSH managers like Remmina or PAC Manager

🔧 Troubleshooting

Common Linux-specific issues and solutions:

Permission Denied: Check SSH client is installed, verify credentials
Connection Refused: Verify SSH server hostname is correct
Host Key Verification Failed: Remove old key: ssh-keygen -R hostname
Port Already in Use: Kill existing process: sudo netstat -tulpn | grep :5000
Broken Pipe: Connection dropped, restart SSH command
Slow Performance: Try port 9999 for fastest speed

Distribution-Specific Issues:

SELinux (RHEL/CentOS): May block SSH tunneling, check with sealert -a /var/log/audit/audit.log
AppArmor (Ubuntu): SSH profile may restrict tunneling
Firewall (UFW/iptables): Ensure local ports are not blocked
Network Manager: May interfere with DNS settings

Process Management:

List SSH processes: ps aux | grep ssh
Kill SSH tunnel: pkill -f "ssh -L"
Monitor connection: netstat -an | grep 5000

📞 Need Help?

If you need additional assistance with SSH tunnel setup on Linux or encounter any issues not covered in this guide, please contact our support team at helpdesk@codamail.com.

We're here to help ensure your SSH tunnel works perfectly and keeps your Linux system browsing secure and private.