Skip to content

Instantly share code, notes, and snippets.

@webinista

webinista/RunAProxyOnAmazonEC2VPC.md

Last active April 17, 2024 05:58
Show Gist options
  • Save webinista/812c20247a6c21e639ce to your computer and use it in GitHub Desktop.
Save webinista/812c20247a6c21e639ce to your computer and use it in GitHub Desktop.
Download ZIP
Create a proxy server on an Amazon EC2 (VPC) instance
Raw
RunAProxyOnAmazonEC2VPC.md

This will create a proxy server in whatever your availability zone your VPC is in. For me, that's us-east-1b. For you, that may be something different. Steps 10+ should more or less work regardless of your provider since those steps cover the setup and configuration of TinyProxy.

  1. Click the Launch Instance button.

  2. Choose Ubuntu Server 14.04 LTS (HVM), SSD Volume Type. This isn't strictly necessary. If you choose another OS, check its documentation for how to install new packages.

  3. On the Choose an Instance Type screen, select t2.micro. It's Free Tier eligible.

  4. Click the Next: ... buttons until you reach the Configure Security Group screen.

    • You may wish to reduce the amount of storage on the Add Storage screen. This is optional.
    • You may wish to add a tag on the Tag Instance screen. This is also optional.

  5. On the Configure Security Group screen:

    • Select Create a new security group.
    • On the first line, verify that Type is SSH, Protocol is TCP and the Port Range is 22. Under Source, select "My IP" from the drop down menu. This restrict incoming connections to those from your IP address.
    • Click the Add Rule button.
    • Select Custom TCP Rule. Make sure the Protocol is TCP, and the Port Range is 8888. Under Source, select My IP from the drop down menu. This opens Port 8888.

  6. Click Review and Launch, and on the following screen, click Launch.

  7. Make sure Use an existing key pair is selected, or create a new key. If you are using an existing pair, check the acknolwedgement box.

  8. Go to View Instances.

  9. Select the instance you just created. Click the Connect button above the list of instances.

  10. Using a terminal window, run the SSH command listed, e.g. ssh -i /path/to/yourkey.pem ubuntu@xxx.xxx.xxxx, where xxx.xxx.xxxx is the IP of your EC2 or VPC instance. The first time, SSH will tell you The authenticity of host 'xxx.xxx.xxxx (xxx.xxx.xxxx)' can't be established. Continue anyway.

  11. Run this command: sudo apt-get install tinyproxy (or the package installation command for the flavor of Linux your instance is using).

  12. Edit /etc/tinyproxy.conf using the editor of your choice. You'll probably need to use sudo.

  13. Make sure that /etc/tinyproxy.conf file contains the lines Port 8888 and Allow xxx.xxx.xxx.xxxx where xxx.xxx.xxx.xxxx is your IP address. (Check your IP address by running curl ipecho.net/plain from another Terminal window, or use WhatIsMyIP.com).

  14. Start TinyProxy using /etc/init.d/tinyproxy start. You may want to set this up in a cron job to save memory as Justin McCandless suggests. I usually shut down the instance after I'm done with it, so I haven't bothered doing this.

  15. Most other tutorials about this subject say to run the command below with the -N flag. The -N flag means Do not execute a remote command. Using it didn't work for me. So I ran the command below without that flag. Here, 3128 is the port that we'll use to connect to localhost. And it will be forwarded to port 8888 of our EC2 VPC instance.

    ssh -L 3128:localhost:8888 -i /path/to/yourkey.pem ubuntu@xxx.xxx.xxxx

  16. Change your browser or operating system's proxy settings.

    • Make the host localhost
    • Set the proxy port to 3128
    • Verify that this went well by running curl ipecho.net/plain from another Terminal window, or by using WhatIsMyIP.com. Your IP should match that of your VPC.
@tsherdiwala
Copy link

This is an awesome piece.. I have used it many times.
However I was just wonder if instead of keeping the terminal open on my machine, may be I could point my browser to the EC2 instance and get the proxy running. That way in the client device I just need to set the proxy and won't need to run an SSH.

Any idea on how to do this?

@attahkhan016
Copy link

Hello ,
Can you tell me how to proxy a DNS (AWS Elastic Load Balancer provided DNS) ?
***For example I want to add a load balancer in front of my proxy servers, then what should be the configuration ?
Should I need to make any changes in tinyproxy.conf for the elastic load balancer DNS ? or just point to the source server and attach the servers to elb ?

@ccc-tomr
Copy link

ccc-tomr commented Dec 4, 2016

I didn't use step 15 and had no problems pointing my browser to my EC2 instance, no need to use ssh. Worked like a charm...
tinyproxy rocks !

@talkingpixels
Copy link

talkingpixels commented Jan 28, 2017
edited

Step 10 - I had an the error...
Permissions 0644 for 'yourkey.pem' are too open.

Changing the permissions to 600 resolved it...
chmod 600 /path/to/yourkey.pem

@linjiang82
Copy link

I tried to use port 22 directly, it also works, so why do we need to open port 8888

@lys886
Copy link

lys886 commented Jan 15, 2018

This is a good idea. But I think, there is no necessary to install 'tinyproxy'; we can just use SSH tunnel.
We can just follow the first 10 step(1 to 10), then you can login your AWS EC with ssh.
11. setup an ssh dynamic tunnel for your ssh connection;( XSHELL: connection properties- SSH - tunneling - add, change type to Dynamic(socks4/5),listening port 3128 or any one not using in you PC, click OK; Putty: SSH-tunnels, Source port 3128/Dynamic, Add )
Then goto step 16.

@gnanakeethan
Copy link

Yes exactly.

I use this. and apply SOCKS5 config to 127.0.0.1:8123

ssh -D 8123 -C -q -N USERNAME@IP -vvv

@mj6uc
Copy link

mj6uc commented Apr 17, 2018

Point 15 - I had to run this as
ssh -NL 3128:localhost:2908 -i my.pem ec2-user@myserver.com

the -N was required. (I am on mac)

@connorbode
Copy link

might have to run apt-get update before step 11

@praveen27Kmr
Copy link

praveen27Kmr commented Jun 4, 2018
edited

Hi May I run Both at same time VPN proxy server and One Of My Application which run via system proxy

@tegila
Copy link

tegila commented Sep 14, 2018
edited

Point 15 - I had to run this as
ssh -NL 3128:localhost:2908 -i my.pem ec2-user@myserver.com

the -N was required. (I am on mac)

I do the same on amazon ec2 but it's dropping my connection after a few hours.
client:
ssh -N -R2020:localhost:22 ec2-user@.....compute.amazonaws.com (still running)

server:
nmap localhost -p 2020
PORT STATE SERVICE 2020/tcp closed unknown

Hang out after some time, normally when i want use it (haha)
any ideas for new try? I already tried autossh unsuccessfully =\

@SheldonWangRJT
Copy link

Can I open more than one instances and then map more each localhost port to a single instance to get more than one proxies working from my machine?

@GeekStocks
Copy link

+1 for the comment by @connorbode

might have to run apt-get update before step 11

@zdenekslavik
Copy link

Or use free tool such https://createproxy.com to create Amazon AWS proxy servers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment