Skip to content

Latest commit

 

History

History
159 lines (124 loc) · 5.78 KB

index.md

File metadata and controls

159 lines (124 loc) · 5.78 KB
Raw
title description date lastmod draft noindex nav_weight series categories tags images authors
How to Install and Configure Dante as Private SOCKS Proxy in Ubuntu
This article helps you setting up and configuring Dante as a private SOCKS proxy on Debian based Linux distribution.
2023-11-10 19:56:43 +0700
false
false
1000
Privacy
Self-Hosted
SysAdmin
Networking
SOCKS
Proxy
Dante
jasmerah1966

This article helps you to set up and configuring Dante as a private SOCKS proxy (with authentication) on Debian based Linux distribution.

Dante is a mature and stable SOCKS proxy developed by Inferno Nettverk A/S proxy. This article helps you installing Dante as your private SOCKS proxy with username and password (pam) authentication system.

Preparing system

Before starting, there are several prerequisites that must be met to follow this article:

  • Comfortable using Linux terminal.
  • A Linux server with a Debian based distribution.

Because what we are going to create is a private proxy which requires username and password authentication from a user account on the Linux system, we need to create a Linux user on the server which will be used for the authentication process.

# Create new user
sudo useradd -r -s /bin/false myproxyuser
# set the user password
sudo passwd myproxyuser

Note: Change myproxyuser above with the user you want to use for authentication.

Install Dante server

Because Dante is a very mature and popular SOCKS proxy, you can easily install Dante server with the built-in Debian or Ubuntu package manager.

sudo apt install dante-server
systemctl status danted.service

After the installation process is complete, the system will automatically try to run danted.service, but the service will be failed to run because there is no authentication method that must be configured.

Configuring Dante server

Dante configuration file are located at /etc/danted.conf. There is an example of a configuration along with a very complete explanation of what the parameters or configuration variables are used for in that default configuration file.

Backup the default configuration file with sudo cp /etc/danted.conf /etc/danted.conf.bak command, then change the configuration in /etc/danted.conf with the following example configuration:

# log configuration
logoutput: stderr

# danted service will listen to any available IP addresses on port 1080
internal: 0.0.0.0 port=1080

# which interface will be used for outgoing connection
external: eth0

clientmethod: none
socksmethod: username
user.privileged: root
user.unprivileged: nobody
user.libwrap: nobody

client pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
}

socks pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
}

From the example configuration above, Dante will listen to any available IP addresses on port 1080 and all outgoing traffic will be passed through eth0 interface.

You can change the port, and you must adjust the external interface with your default server interface.

After adjusting the Dante configuration to fit with your needs, restart the service using sudo systemctl restart danted.service command.

Then, check whether danted.service is running properly with sudo systemctl status danted.service command:

● danted.service - SOCKS (v4 and v5) proxy daemon (danted)
     Loaded: loaded (/lib/systemd/system/danted.service; enabled; preset: enabled)
     Active: active (running) since Thu 2023-11-09 16:51:01 WIB; 1 day 1h ago
       Docs: man:danted(8)
             man:danted.conf(5)
    Process: 885 ExecStartPre=/bin/sh -c        uid=`sed -n -e "s/[[:space:]]//g" -e "s/#.*//" -e "/^user\.privileged/{s/[^:]*://p;q;}" /etc/danted.conf`;     >
   Main PID: 935 (danted)
      Tasks: 21 (limit: 9304)
     Memory: 18.5M
        CPU: 2.701s
     CGroup: /system.slice/danted.service
             ├─    935 /usr/sbin/danted
             ├─    955 "danted: monitor"
             ├─1494108 "danted: io-chil"
             ├─1494116 "danted: io-chil"
             ├─1494127 "danted: request"
             ├─1495807 "danted: request"
             ├─1496272 "danted: negotia"
             ├─1496273 "danted: request"
             .... snip

Nov 09 16:51:01 aws-ec2 systemd[1]: Starting danted.service - SOCKS (v4 and v5) proxy daemon (danted)...
Nov 09 16:51:01 aws-ec2 systemd[1]: Started danted.service - SOCKS (v4 and v5) proxy daemon (danted).
Nov 09 16:51:02 aws-ec2 danted[935]: Nov  9 16:51:02 (1699523462.105152) danted[935]: info: Dante/server[1/1] v1.4.2 running

Test your server

After all the processes above are complete, it's time to try using your proxy server. One of the easiest way to test is using curl from your local computer:

curl -x socks5://myproxyuser:myproxy_password@server_ip:proxy_port http://ifconfig.me

Change myproxyuser, myproxy_password, server_ip, and proxy_port with the authentication and configuration you have done before.

From the curl command above, your public IP address should become your proxy server IP address, not your home ISP IP address.

Troubleshooting

If you cannot establish a SOCKS5 connection to your proxy server, make sure the port used by Dante is open. Run the following ufw command (for Debian-based systems) to open a port from the firewall:

ufw allow proto tcp to any port 1080

Note: Change port 1080 and adjust it to your proxy server configuration.