It’s periodically convenient to be able to point a web browser at someplace remote and not connected directly to the Internet (i’m looking at you, HP iLO) without firing up a VPN or resorting to poking holes in a firewall.

In this case, the built-in socks5 proxy in openssh (ssh -D 1080) is super handy, but changing your system settings to use the socks5 proxy in all of your browsers is almost as bad as firing up a VPN.

Fortunately, if Firefox is not your main browser, it is fairly straightforward to make the local tweak in Firefox, which will have no effect on Safari, Chrome, lynx, or whatever else you might prefer as a web browser for normal use.

Go to “about:config” in the url bar. Then set the config as follows:

network.proxy.socks : 127.0.0.1
network.proxy.socks_port : 1080
network.proxy.socks.remote_dns : true
network.proxy.socks_version : 5
network.proxy.type : 1

Then you can “ssh -D 1080 yourname@somehost.example” and further web accesses will go via the built-in openssh proxy and come from somehost.example.

To put it back (since I know you probably didn’t write the defaults down), merely setting the proxy type to 0 (no proxy) or 5 (use system settings) is sufficient; you can leave the other stuff alone.

network.proxy.type : 0

No restart of the browser is necessary, though you will no doubt eventually find yourself in a situation where you have the proxy configured and no tunnel up and wondering why you can’t get anywhere.