1. Home
  2. Internet

What Happens if VPNs Get Blocked? Unlocking the Internet with SSH Tunneling

The issue of net neutrality has slowly become a worldwide concern. With big companies and ISPs fighting to control the internet, more and more people are turning to alternative methods to keep the web open and free. For every measure there’s a counter measure, however, which means this fight could go on for a very long time.

One of the most popular tools used to preserve online anonymity is virtual private networks. VPNs encrypt data before they leave your device, keeping it safe from prying eyes and routing it through an external network of servers to add a measure of anonymity. VPNs can help fight back against repealed net neutrality laws and internet fast lanes, but they’re not perfect solutions. In fact, ISPs can completely nullify VPNs by blacklisting the shared IP addresses most providers offer to their users. Nevertheless, there are still ways to access the free and open internet, including SSH tunneling and even some other features offered by a select few VPN providers.

VPNs and Net Neutrality

Virtual private networks restore a lot of online freedoms to regular internet users. They add encryption and anonymity, they break through censorship barriers, and they even make geo-blocking easy to bypass. In areas where net neutrality has bee repealed, VPNs also help restore unbiased access to the web. Sometimes they can even defeat tiered packages or even internet fast lanes!

The downside to VPNs is that ISPs can block them without too much trouble. In this case, you’ll need to look for alternative encryption methods to break through anti-neutrality barriers. There are plenty of protocols out there that can help you do this, but SSH tunneling is one of the most popular.

The Basics of SSH Tunneling

SSH tunneling, or secure shell tunneling, is more common than you might think. The protocol was developed in 1995 and has been in constant use ever since, starting with SSH1, evolving to SSH2, and eventually turning into OpenSSH. SSH is used to transfer unencrypted traffic over a network through an encrypted channel, essentially building a tunnel that can carry any type of packet. SSH is mostly used for small file transfers and remote server uploads, though it does have a number of uses beyond the terminal window.

Benefits of SSH Tunnels

The simplicity of SSH encryption makes it a surprisingly useful protocol, especially since it wasn’t designed for breaking through firewalls, merely transferring files securely. If you live in a place like China, Russia, or Turkey, however, SSH tunneling can help you access blocked content, since SSH itself is largely unmonitored. You can also use these tunnels to defeat ISP throttling since they travel through unique ports.

One of the most widespread modern uses of SSH is to securely access websites that block VPNs. If your virtual private network service is locked out, simply switch to the SSH tunneling option, hit the reload button, and the content will show up right away.

Drawbacks to SSH Tunneling

Even though it has been consistently maintained for decades, SSH is an old school-style protocol built when the internet was much smaller than it is today. Downloading gigabyte movies or streaming HD video content just wasn’t part of the web back then. For this reason, most modern users will view SSH as an incredibly slow method of encryption, poorly suited for anything beyond viewing websites or sending e-mail.

Due to the nature of SSH tunnel traffic, you’ll need to use it with a VPN that natively supports the protocol. Most public VPN services don’t allow SSH, unfortunately, which means you’ll have to create your own self-hosted VPN or find a public product with good SSH support.

Another drawback to the SSH tunnel experience is the protocol can be blocked. SSH traffic is detectible, just like VPN traffic. It’s a little more difficult to sniff out, but certainly not impossible. Because SSH has a ton of legitimate uses, though, it’s rare to see it blocked by ISPs or government censors. Removing SSH entirely would destroy legitimate uses of the protocol, so it’s generally left alone.

How to Create an SSH Tunnel

Creating an SSH tunnel isn’t as difficult as you might think. It’s also not a one-click process, though, so you’ll need to spend some time familiarizing yourself with some basic pieces of software. You’ll need to have an active VPN you can connect to to route your tunnel traffic through. Follow our guide on creating your own self-hosted VPN to get started, then come back here to get the SSH tunnel up and running.

Easiest Method – Use a VPN with SSH Support

There are only a few major VPN services that offer native support for SSH. If your VPN already offers SSH tunnels, all you have to do to take advantage of them is find the option in your local software and switch it on. No PuTTY configurations or terminal work, just a quick and easy settings toggle.

SSH Tunnels on Windows

Setting up an SSH tunnel to use on Windows isn’t terribly complicated. Once you’ve got your custom VPN up and running, all you need to do is download PuTTY and configure it for SSH tunneling. Follow the steps below and you’ll be set!

  1. Download PuTTY and open the program.
  2. In the “Host Name” box, enter the address of your VPN.
  3. In the menu tree to the left, unfold “SSH” and click on “Tunnels”
  4. Enter 8080 as the port. Make sure both “Auto” and “Dynamic” are selected, then click “Add”
  5. Click “Session” on the left menu to back to the main screen.
  6. Type a name in the top box beneath “Saved Sessions”, then click “Save”
  7. Click “Open” to connect to the server.
  8. A PuTTY security alert window will open. Click “Yes”
  9. Enter your server username and password and press ENTER.

Each time you start your computer you’ll need to run PuTTY and initiate the SSH tunnel. Since we created a saved session you won’t have to enter all the information again, simply choose the option and it will connect automatically.

SSH Tunnels on Mac and Linux

The more terminal-friendly Mac and Linux environments make SSH tunnels a breeze. No external downloads or installations are necessary, just make sure your VPN is running, open a terminal window, then enter the following command using your custom details.

ssh -ND 8080 user@your.server.com

Setting Your Browser to Use the SSH Tunnel

Setting up an SSH tunnel doesn’t automatically route your traffic through it. You need to set each web-accessible app to specifically use the tunnel’s encryption. Since we’re concerned with open internet access, we’ll be setting our browsers to use SSH by switching proxy details. Follow the guides below and you’ll be good to go.

Use SSH with Firefox:

  1. Create and run your SSH tunnel.
  2. In Firefox, go to the Settings menu and select Manual proxy configuration
  3. Next to “SOCKS Host” enter “localhost” without the quotes followed by 8080 as the port.
  4. Select SOCKS v5 below.
  5. Save the settings.

Use SSH with Chrome:

  1. Create and run your SSH tunnel.
  2. In Chrome, go to Preferences, then select “Under the Hood”
  3. Beside Network click “Change Proxy Settings”
  4. Select “Manual Proxy Configuration”
  5. Next to “SOCKS Host” enter “localhost” without the quotes followed by 8080 as the port.
  6. Save the settings.

If you need SSH tunnel protection outside of the browser, check each piece of software you use for custom proxy settings, then enter the same details as above.

Other Methods of Unlocking the Internet

Encryption isn’t restricted to VPNs or SSH tunnels. There are several other popular methods used to break through censorship firewalls or defeat anti-neutrality measures put into place by ISPs.

Shadowsocks (SOCKS5 Proxy)

Shadowsocks was made to restore open internet access in places like China. It uses the SOCKS5 protocol (Socket Secure 5) which transfers encrypted data packets between clients and servers by using a proxy server, masking the details of the source and destination in the process. SOCKS also provides a layer of authentication to make sure only the intended parties can access the information, making it even more difficult for ISPs to snoop through your data.

Shadowsocks is a little easier to use than other methods, but it does require some extra steps. For starters, you’ll need access to a shadowsocks server which requires deploying your own or renting one from an external service. It’s cross-platform, completely open source, and straightforward to use once you begin, however, making it a viable alternative if net neutrality is destroyed.

SSL/TLS Tunnel

SSL (Secure Socket Layer) tunnels are used every day by most people on the internet. Have you ever seen that little green icon in your browser window that shows up when connecting to an HTTPS site? That’s SSL doing its thing. SSL traffic is common, surprisingly fast, and moderately secure. This makes it an amazing alternative to VPNs and other tunnels in areas wrought with censorship or anti-neutrality policies.

SSL tunnels wrap traffic in its own style of encryption and sends it through a non-standard traffic port. Since websites commonly use these methods for transmitting data, ISPs or censorship firewalls won’t notice anything unusual. To use an SSL tunnel you’ll need to download the stunnel software, which is a bit of a pain to install and use. Once you learn the ins and outs of the app, though, you’ll be able to enjoy the open internet once again.

Tor and Onion

You’ve probably heard of the Tor Browser and its powerful anonymizing features. The software leverages the Tor network which uses a series of distributed, decentralized computers to pass data from one node to another. It does this using onion routing, a process of wrapping packets of data in multiple layers of encryption. Each node peels away a single layer of encryption before sending it to the next computer on the network. At the end, the packet is processed normally, then sent back to the origin via the same network.

Tor really is an amazing tool for adding anonymity to daily internet activities. Its incredibly slow nature makes it a poor choice for things like large file downloads and video streams, however. Tor is also pretty easy to block and will likely be one of the first tools to disappear if net neutrality is killed.

Obfsproxy

Obfsproxy, which is short for obfuscation proxy, is a tool that helps circumvent censorship and internet control methods by hiding OpenVPN or SSH traffic under an additional envelope of encryption. The process is extremely complex and difficult to pull off for casual users, however, making it a poor choice for basic unblocking actions.

Best VPNs for Unlocking the Internet

Defeating tiered internet packages and censorship firewalls is never an easy task. SSH tunnels make incredible strides in that direction, but they’re not perfect. VPNs fill in most of the gaps left by SSH tunnels and are superior in just about every way. By choosing the right VPN you can preserve many of your online freedoms without going through complicated set-ups.

Picking a good VPN with additional encryption support isn’t a straightforward process. In fact, most mainstream VPNs don’t offer anything beyond the standard OpenVPN protocol. There are a few that go above and beyond the norm, though, which is why we’re recommending them to anybody interested in keeping their data private and their internet connections unmonitored.

1. NordVPN

What Happens if VPNs Get Blocked? Unlocking the Internet with SSH Tunneling - NordVPN

NordVPN is a fantastic all-around VPN provider. The service’s huge network of over 2,000 servers in 56 different countries is one of its biggest selling points, but the thorough zero-logging policy that covers everything from traffic to bandwidth, IP addresses, and even time stamps is also worth mentioning. Users enjoy features like DNS leak protection, an automatic kill switch, and 256-bit AES encryption on every connection through every device, as well.

NordVPN doesn’t offer SSH tunnel support, but it does deliver obfsproxy and SSL tunnels through its main apps. Both methods help secure your connection using additional encryption measures and are great options to have as back-ups in case net neutrality goes out the window.

Want to save your privacy? Sign up with NordVPN and get a 77% discount on a 3-years subscription, just $2.75 a month! All plans are even backed by a 30-day money back guarantee.

2. ExpressVPN

What Happens if VPNs Get Blocked? Unlocking the Internet with SSH Tunneling - ExpressVPN

ExpressVPN is by far one of the fastest VPNs on the market. The company’s large server network spans most of the globe to deliver quick connections no matter where you live, work, or travel. Default 256-bit AES encryption locks your data down nice and tight, while a zero-logging policy on traffic, DNS leak protection, and an automatic kill switch keep you secure above and beyond the norm. ExpressVPN’s apps are also incredibly easy to use. Want to stay safe online? Just fire up the software and click a button, that’s it!

ExpressVPN doesn’t support SSH tunnels by default. It does allow for SSL tunnels on its main apps, which provides similar obfuscation that will help defeat blocks and website censorship just as effectively.

EXCLUSIVE deal for Addictive Tips readers! Sign up for a year with ExpressVPN (with this link)¬†at $6.67 per month and get 3 months FREE — that’s a 49% discount! There’s also an amazing 30 day money back guarantee, just in case you’re not completely satisfied with the service.

Conclusion

The loss of net neutrality means a crippling of everyone’s online freedoms. Small businesses will suffer, innovation will see a sharp downturn, and daily internet use will be a remarkably different affair. VPNs can go a long way to restoring the normal internet, but even they have their drawbacks. Unique encryption methods like SSH tunneling require a little set-up and technical know how, but they’re perfect for defeating tough blockades imposed by ISPs. Got any tips about unlocking the open internet? Share your knowledge in the comments below!

Leave a comment

DEAL EXPIRES IN:
0000
1111
0000
0000
0000
0000