How to Setup a SOCKS5 Proxy on Debian
17/01/2023
Server Requirements
Tested on Ubuntu 20.04 & Debian 11. Nice & simple for this one, all you'll need is about 64MB of RAM & a single vCPU, you can probably do this on a 32MB LXC Container but goodluck running apt-get on that sucker.
Step 1 - Update the system
Firstly update your system, on Debian you can use the below command.
sudo apt-get update && sudo apt upgrade
Step 2 - Installing Dante
We'll use Dante for this guide, Dante is an open-source SOCKS proxy server.
sudo apt install dante-server
systemctl status danted.service
× danted.service - SOCKS (v4 and v5) proxy daemon (danted)
Loaded: loaded (/lib/systemd/system/danted.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2023-01-17 06:02:01 UTC; 4s ago
Docs: man:danted(8)
man:danted.conf(5)
Process: 3049367 ExecStartPre=/bin/sh -c uid=`sed -n -e "s/[[:space:]]//g" -e "s/#.*//" -e "/^user\.privileged/{s/[^:]*://p;q;}" /etc/danted.conf`; if [ -n "$uid" ]; then touch /var/run> Process: 3049389 ExecStart=/usr/sbin/danted (code=exited, status=1/FAILURE)
Main PID: 3049389 (code=exited, status=1/FAILURE)
sudo rm /etc/danted.conf
sudo nano /etc/danted.conf
eth0
to venet0
logoutput: syslog
user.privileged: root
user.unprivileged: nobody
# The listening network interface or address.
internal: 0.0.0.0 port=1080
# The proxying network interface or address.
external: eth0
# socks-rules determine what is proxied through the external interface.
socksmethod: username
# client-rules determine who can connect to the internal interface.
clientmethod: none
client pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
}
sudo ufw allow 1080
Step 3 - Securing Dante
Dante will authenticate users using standard Linux user accounts. This is useful, but since the password for that connection will be transmitted in plain text, it's crucial to create a specific SOCKS user who will not have access to any other parts of the server.
sudo useradd -r -s /bin/false your_dante_user
sudo passwd your_dante_user
Step 4 - Starting Dante
Now restart Dante with your configuration changes.
sudo systemctl restart danted.service
Check the service is running correctly.
systemctl status danted.service
● danted.service - SOCKS (v4 and v5) proxy daemon (danted)
Loaded: loaded (/lib/systemd/system/danted.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2023-01-17 06:10:50 UTC; 5s ago
Docs: man:danted(8)
man:danted.conf(5)
Process: 3058300 ExecStartPre=/bin/sh -c uid=`sed -n -e "s/[[:space:]]//g" -e "s/#.*//" -e "/^user\.privileged/{s/[^:]*://p;q;}" /etc/danted.conf`; if [ -n "$uid" ]; then touch /var/run> Main PID: 3058304 (danted)
You can now successfully connect to your Dante server through your SOCKS proxy client. In a future guide I'll explain how to setup Foxyproxy & setting all external internet traffic from your webbrowser to travel through the proxy, this will be linked here replacing this text whenever that is written.