Socks5 / SSH / VPN tunneling considerations

Objective: use Firefox, on Whonix Workstation, to connect to a website through a VPS (with root access).


  1. Use Firefox’s configurations for a socks5 proxy. Setup an SSH tunnel to the VPS using

ssh -D port username@server

  1. Same socks5 configuration on Firefox, but set up a socks server on the VPS using shadowsocks-libev

  2. Use openvpn on the client, set up openvpn server on the VPS.

I assume SSH and VPN are better than the socks5 server due to the encryption, and VPN is preferable to SSH due to better handling of UDP (mentioned in https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_SSH).

However, if the main purpose is to make the connection look as “normal” (“common”, perhaps be a better word) as possible from the point of view of the site we connect to, which of those settings may be preferable?

At this time - most realistically - using VPN - since it is the only option where we have setup of a fail closed mechanism fully documented.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]