Featured resource
2025 Tech Upskilling Playbook
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Check it out
  • Lab
    • Libraries: If you want this lab, consider one of these libraries.
    • Cloud
    • Security
Google Cloud Platform icon
Labs

Configure an SSH SOCKS5 Proxy as a Jump Point

For this lab, we need to configure an SSH SOCKS5 proxy as a jump point. There are several key things we need to do. First, we need to allow traffic only on port 61613 and only from one IP address. SSH must run on port 61613. Next, we must verify the configuration is valid. Another thing to pay attention to is that the client can use the server as a SOCKS5 proxy.

Google Cloud Platform icon
Lab platform
Lab Info
Level
Intermediate
Last updated
Jul 26, 2025
Duration
2h 0m

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
Table of Contents
  1. Challenge

    Generate a Private/Public Key Pair

    This is necessary to use for authentication against the server on the client.

    ssh-keygen
    
  2. Challenge

    Configure the JumpPointServer

    Change the SSH Port from 22 to 61613, PermitRootLogin to no, and PubkeyAuthentication to yes.

    sudo vim /etc/ssh/sshd_config
    
    Port 61613
    PermitRootLogin no
    PubkeyAuthentication yes
    
    ESC
    :wq
    ENTER
    
  3. Challenge

    On the JumpPointServer Inform SELinux of the Change of Ports and Configure firewalld to Allow Port 61613 for SSH

    Inform SELinux of the Change of Ports

    sudo semanage port -a -t ssh_port_t -p tcp 61613
    

    Configure firewalld to Allow Port 61613 for the SSH Service

    sudo vim /usr/lib/firewalld/services/ssh.xml
    
    <port protocol="tcp" port="61613"/>
    
    ESC
    :wq
    ENTER
    

    Reload firewalld

    sudo firewall-cmd --reload
    

    Copy the Public Key from the Client to /home/cloud_user/authorized_keys

    Restart SSHD

    sudo systemctl restart sshd
    

    Log Back into the JumpPointServer

  4. Challenge

    On the JumpPointServer Generate a Key Pair for the ContainerServer
    ssh-keygen
    

    Copy the Public Key from JumpPointServer to the Following Location on the ContainerServer

    /home/cloud_user/authorized_keys
    
  5. Challenge

    Configure the ContainerServer

    Change the SSH Port from 22 to 61613, PermitRootLogin to no, PubkeyAuthentication to yes.

    sudo vim /etc/ssh/sshd_config
    
    Port 61613
    PermitRootLogin no
    PubkeyAuthentication yes
    
    ESC
    :wq
    ENTER
    
  6. Challenge

    On the ContainerServer Inform SELinux of the Change of Ports, Configure firewalld to Allow Port 61613 for SSH

    Inform SELinux of the Change of Ports

    sudo semanage port -a -t ssh_port_t -p tcp 61613
    

    Configure firewalld to Allow Port 61613 for SSH Service

    sudo vim /usr/lib/firewalld/services/ssh.xml
    
    <port protocol="tcp" port="61613"/>
    
    ESC
    :wq
    ENTER
    

    Reload firewalld

    sudo firewall-cmd --reload
    

    Log Back Into the ContainerServer from the JumpPointServer

  7. Challenge

    Allow Access Only from the JumpPointServer
    sudo firewall-cmd --permanent --zone=public --add-rich-rule='
                rule family="ipv4"
                source address="<IP or NETWORK>"
                port protocol="tcp" port="<PORT_NUMBER>" accept'
    
    sudo firewall-cmd --reload 
    

    Restart SSHD

    sudo systemctl restart sshd

    Close Off SSH for Others

    sudo firewall-cmd --permanent --remove-service=ssh
    
  8. Challenge

    Optional - Open a SOCKS5 Proxy from Our Client to the JumpPointServer
    ssh -D 1337 -q -C -N -f cloud_user@IP
    

    Configure Our Browser Proxy Settings to Make Use of the SSH Tunnel

    PORT: 1337
    ADDRESS: localhost or 127.0.0.1
    

    On Firefox This Can Be Configured under Network Settings

About the author

Pluralsight Skills gives leaders confidence they have the skills needed to execute technology strategy. Technology teams can benchmark expertise across roles, speed up release cycles and build reliable, secure products. By leveraging our expert content, skill assessments and one-of-a-kind analytics, keep up with the pace of change, put the right people on the right projects and boost productivity. It's the most effective path to developing tech skills at scale.

Real skill practice before real-world application

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Learn by doing

Engage hands-on with the tools and technologies you’re learning. You pick the skill, we provide the credentials and environment.

Follow your guide

All labs have detailed instructions and objectives, guiding you through the learning process and ensuring you understand every step.

Turn time into mastery

On average, you retain 75% more of your learning if you take time to practice. Hands-on labs set you up for success to make those skills stick.

Get started with Pluralsight