Hawkes Blog
Windows reboot | Linux be root
Hawkes Blog

a web-proxy with tinyproxy and ssh-tunnel

Short How-To: tinyproxy on raspbian

  • raspberry pi running raspbian with openssh-server/dropbear
  • putty / ssh client
  • rasberry is accessible from the internet (if you want to use it from everywhere)

install tinyproxy

apt-get update
apt-get install tinyproxy

edit /etc/tinyproxy.conf

User nobody
Group nogroup
Port 8888
Timeout 600
DefaultErrorFile "/usr/share/tinyproxy/default.html"
StatFile "/usr/share/tinyproxy/stats.html"
Logfile "/var/log/tinyproxy/tinyproxy.log"
LogLevel Critical
PidFile "/var/run/tinyproxy/tinyproxy.pid"
MaxClients 100
MinSpareServers 5
MaxSpareServers 20
StartServers 15
MaxRequestsPerChild 0
ViaProxyName "tinyproxy"
ConnectPort 443
ConnectPort 563

details -> man tinyproxy.conf

restart and testing

/etc/init.d/tinyproxy restart

netstat -tulpen | grep tiny

tcp        0      0*               LISTEN      0          9161207     29781/tinyproxy

tinyproxy is up and running, lets configure a ssh client to open a ssh-tunnel to use your proxy from everywhere.

Client Setup

my setup:
tinyproxy is running at rp1.home
ssh port of rp1.home is accessible from everywhere using a no-ip.com dns entry

1. ssh tunnel via shell

ssh -f -p 44444 *user*@*dns name or ip* -L 8000: -N -v

all traffic to the local port 8000 will be forwarded over a ssh-tunnel to our tinyproxy listen on the raspberry pi port 8888

  • -f background mode
  • -p ssh connect port (if you don´t use 22)
  • -L 8000: local-port:bind interface/hostname of the remote system:remote-port
  • -N don´t execute a command on the remote system

test it with curl

curl -IL --proxy www.the-hawkes.de

debug1: Connection to port 8000 forwarding to port 8888 requested.
debug1: channel 2: new [direct-tcpip]
HTTP/1.1 200 OK
debug1: channel 2: free: direct-tcpip: listening port 8000 for port 8888, connect from port 51325, nchannels 3
Via: 1.1 tinyproxy (tinyproxy/1.8.3)
Vary: Accept-Encoding
Content-Type: text/html
Last-Modified: Tue, 21 May 2013 12:58:23 GMT
Date: Fri, 12 Jul 2013 07:18:09 GMT
ETag: "519b6f6f-421f"
Accept-Ranges: bytes
Server: nginx
Content-Length: 16927

2. ssh tunnel with putty

  • load saved session
  • Connection -> SSH -> Tunnel
  • Source Port: 8000
  • Destination:
  • add
  • save the session again
  • open the connection to your raspberry

detailed putty tunnel guide

you can use the tunnel as long as you keep your putty session open.

The last step is to add as your new proxy to your browser.

MfG Hawkes