Using ChatZilla through an SSH tunnnel
This document describes how to make ChatZilla use an SSH tunnel as a SOCKS proxy. This can be useful if the standard IRC ports are blocked on your network, if you need some privacy, or are just generally nuts enough to want your IRC connection to run through some other server on the other end of the globe :-). Note that you should not use this method for anything illegal, and should be aware of regulations about use of tunnels and IRC put in place by your ISP and/or your network administrator.
This document assumes:
- Basic familiarity with your OS's shell environment.
- SSH2 access to some host. This can even be your own machine, though that sort of defeats the purpose of using the tunnel, it can be useful for testing. Of course, this requires you have an SSH server set up on your own machine.
- Basic familiarity with ChatZilla
- Access to the network settings of ChatZilla (and Firefox or SeaMonkey, if you run it on either of those applications)
- Access to an executable capable of setting up a 'dynamic' SSH2 tunnel, or the privileges to install/download one if you don't have such access already.
3. Setting up the tunnel
First we set up the SSH tunnel. If you've already set up the tunnel, you can skip this step. Otherwise, this means you need your SSH executable just about now. If you don't have one, you can download the most recent version of OpenSSH for *nix machines, and you can use PuTTY on Windows.
The following examples use 4567 as the local port, 'user' for username, and 'host.org' for the host you would like to SSH tunnel to. Of course, you can pick anything you like (but keep in mind you need root privileges on *nix systems to use ports below 1024)
The easiest way to do this, in my opinion, is using 'plink', found from the PuTTY download page, mentioned above. You may also be able to use the normal putty executable here, but I haven't tested this. Now all you need to do is open a shell (Pick "Run" from the Start menu, enter "cmd" (without quotes) and hit Enter/return) and run:
plink -ssh -D 4567 -N email@example.comThis will use ssh to create a dynamic tunnel on port 4567 on the local machine to host.org, using username 'user' to login. The -N option will prevent plink from allocating a terminal. This is mostly because you'll only use the connection for the port forwarding, so there is no point in creating a terminal.
This is probably even easier than it is on Windows. In your favourite shell, run:
ssh -fND 4567 firstname.lastname@example.orgThis will create a dynamic tunnel on port 4567 on the local machine to host.org, using username 'user' to login. The -N option will prevent ssh from allocating a terminal, while the -f option will background the ssh process after authentication, which means you can still use your terminal afterwards.
4. Setting up ChatZilla to use the tunnel
Now we need to set up ChatZilla to connect through the tunnel you've created. How to do this depends on what you run ChatZilla on.
Important: if you use ChatZilla in Flock, Firefox, the Mozilla Suite or SeaMonkey, these proxy settings will also be used for all your normal browsing. If you do not like this, you could use a PAC file instead. This approach is not documented here, but Google has some info.
Firefox or Flock
Open the "Options" ("Preferences" on *nix) dialog, and switch to the "Advanced" section. Open the "Network" tab, and click the "Settings" button. Now select "Manual proxy configuration", and enter "127.0.0.1" in the SOCKS host field, and "4567" in the Port field (assuming you use the same port we mentioned earlier). Select "SOCKS v5", and close the dialog with the OK button. Close the Options/Preferences dialog the same way.
SeaMonkey or the Mozilla Suite
Open the "Preferences" dialog, open the "Advanced" tree and then the "Proxies" view. Then, select "Manual proxy configuration", and click the "Advanced" button. Then use "127.0.0.1" for the SOCKS Proxy field, and 4567 for the accompanying port. Select SOCKS v5 if it isn't already. Then use all the OK buttons to close the whole bunch of dialogs.
For this, you need access to about:config, or you need to manually hack your profile's prefs.js file. I recommend you use tH's package, which provides access to about:config from the ChatZilla menu.
Make sure the following preferences are set as described, and change them if necessary:
- network.proxy.socks should be set to 127.0.0.1
- network.proxy.socks_port should be set to 4567
- network.proxy.socks_version should be set to 5
- network.proxy.no_proxies_on should at least contain localhost, 127.0.0.1 (not necessarily in that order)
- network.proxy.type should be set to 1
5. Test your modifications
If you modified the preferences of the webbrowser you use to run ChatZilla from, you can test this by accessing a web page in your browser. If this still works, even after a refresh, the proxy-ing is most likely working. Otherwise, just connecting to your favourite IRC network should now be possible from within ChatZilla, just like you otherwise would. If you have any problems, and the proxy works for webbrowsing, you could try stopping by the ChatZilla support channel.
If you spot any silly mistakes or have additions to this page, please feel free to mail me at gijskruitbosch (at) gmail [dot] com.