How to Setup a Private Proxy Server on EC2 in Under 10 Minutes

How to Setup a Private Proxy Server on EC2 in Under 10 Minutes

I’ve been slacking a bit with regular blog posts, so I thought I would catch up again with something simple yet useful.

This post will show you how to setup a simple private proxy server on Amazon Elastic Compute Cloud (EC2) and how to tunnel into it via SSH from your PC. Although your anonymity is probably not 100% guaranteed, you will be able to hide your identity from most sites and bypass most country restrictions.

Let’s start with AWS.

Create an Amazon Web Services (AWS) Account

First thing you will need is an AWS account. Go to the AWS Portal and sign up.
You will need a credit card to complete this process.

Why AWS? It is my preference, they commit to 99.95% uptime and they offer 750 hours of Amazon EC2 Micro Instance usage as part of their free usage tier.

Although this post primarily uses AWS, these steps can easily be replicated on any VPS hosting service like Linode.

Creating an EC2 Instance

Once you are verified and logged in, proceed to the EC2 service in the AWS Management Console and from the EC2 Dashboard click the Launch Instance button. Follow the steps and launch the instance.

If you did not create or use an existing Security Group, the one that gets created with the instance should be more than sufficient. The most important thing is to ensure that incoming connections are allowed over port 22.

Once your instance has been started and is up and running, take note of the Public DNS, as you will need it to connect via SSH.

NB. Unless you use an Elastic IP, the Public DNS will change every time you restart the instance.

Installing Tinyproxy

Tinyproxy is a small and fast HTTP/HTTPS proxy server daemon.

Connect to your instance using the key pair you downloaded:

1	ssh -i ~/.ssh/kp-ergo-proxy.pem ubuntu@ec2-54-242-82-159.compute-1.amazonaws.com

Install Tinyproxy

1	sudo apt-get install tinyproxy

By default Tinyproxy listens on port 8888 and only accepts local connections. This is not a problem since we will be tunneling in via SSH.

Tunneling

Open your terminal and start digging.

1	ssh -L 3128:localhost:8888 -N -i ~/.ssh/kp-ergo-proxy.pem ubuntu@ec2-54-242-82-159.compute-1.amazonaws.com

• -L port:host:host-port Specifies that the given port on the local (client) host is to be forwarded to the given hostand host-port on the remote box.
• -N Do not execute any remote commands.

The above command can be added to either your .bashrc or .zshrc as an alias.

.zshrc

1	alias proxystart="ssh -L 3128:localhost:8888 -N -i ~/.ssh/kp-ergo-proxy.pem ubuntu@ec2-54-242-82-159.compute-1.amazonaws.com"

I won’t be covering Windoze in this post, but here is an article on how to setup tunneling using PuTTY.

Configuring Your Network

All major operating systems will allow you to edit proxy settings under the network settings or some similar place. In OS X, edit your network connection’s Proxy settings as follows:

Finally, to confirm everything is working visit smart-ip.net and you should see something like this:

Set up a cron task to restart Tinyproxy periodically to save memory

This isn't absolutely necessary to get this running, but if you're going to leave Tinyproxy running all the time and not restart your machine, then it will eventually eat all your memory and lock up your server.  Open up root's crontab:

sudo crontab -e

And add the following lines

0 22    * * *   root    /etc/init.d/Tinyproxy restart

That's a tab after the 22, tab after the last *, and tab after root.  Also add a final return at the end so you have one extra blank line in the file.