Introduction
SOCKS is a protocol that supports routing other protocols between client and server. It allows forwarding of TCP packets to private networks, which can use higher-level protocols such as HTTP, FTP, POP, or SMTP. SOCKS operates at a lower level than HTTP proxies, so it's more appropriate to carry other protocols.
In a typical cloud scenario, we're accessing a Linux virtual machine in the cloud from a local Windows workstation. In this case, OpenSSH can act as a SOCKS server and PuTTY can act as a SOCKS client.
SOCKS is similar to port forwarding or SSH tunneling when using OpenSSH/PuTTY, but SOCKS is a general protocol that's not limited to these software packages. Also, SOCKS is more dynamic and avoids the need to set up multiple tunnels. It allows you to access multiple machines over multiple ports with a simple setup.
The use of OpenSSH as a SOCKS proxy with the steps in this demo gives users root access to the virtual machine running the OpenSSH server. This approach is suitable for a small number of trusted users.
One difference between SOCKS and SSH port forwarding is that, with SOCKS, the client application needs to be SOCKS-aware. By contrast, there's no need for any special client configuration with port forwarding. Connectivity is achieved by configuring the client application to connect to the entry point of the tunnel, rather than to the true service destination. Web browsers and certain other applications are SOCKS-aware, but many client applications are not. We can solve this problem with a technique called proxification, in which we use a SOCKS proxy client that intercepts network traffic and adds the proxy information.