diff --git a/content/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy.jpg b/content/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy.jpg new file mode 100644 index 0000000..dad278d Binary files /dev/null and b/content/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy.jpg differ diff --git a/content/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/index.id.md b/content/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/index.id.md new file mode 100644 index 0000000..09d79c5 --- /dev/null +++ b/content/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/index.id.md @@ -0,0 +1,160 @@ +--- +title: "Cara Install dan Mengkonfigurasi Dante SOCKS Private Proxy di Ubuntu" +description: "Artikel ini membantu Anda dalam melakukan setting dan mengkonfigurasi private SOCKS proxy menggunakan Dante di server Linux yang berbasis pada distribusi Debian." +# linkTitle: +date: 2023-11-08T11:50:13+07:00 +lastmod: +draft: false +noindex: false +# comments: false +nav_weight: 1000 +# nav_icon: +# vendor: bootstrap +# name: toggles +# color: '#e24d0e' +series: +# - Tutorial +categories: + - Privasi + - Self-Hosted + - SysAdmin + - Networking +tags: + - SOCKS + - Proxy + - Dante +images: +# menu: +# main: +# weight: 100 +# params: +# icon: +# vendor: bs +# name: book +# color: '#e24d0e' +authors: + - jasmerah1966 +--- + +Artikel ini membantu Anda dalam melakukan setting dan mengkonfigurasi _private **SOCKS proxy**_ menggunakan **Dante** di server Linux yang berbasis pada distribusi **Debian**. + + +--- + +[Dante](https://www.inet.no/dante/) adalah **SOCKS proxy** yang sudah sangat _"mature"_ stabil yang didevelop oleh **Inferno Nettverk A/S proxy**. Di artikel ini adalah proses saya menginstall _**private SOCKS proxy**_ menggunakan **Dante** dengan sistem authentikasi _username_ dan _password_ (`pam`). + +## Mempersiapkan Sistem + +Sebelum memulai, ada beberapa prasyarat yang harus dipenuhi untuk mengikuti artikel ini: +- Nyaman menggunakan Linux terminal. +- Sebuah Linux server dengan **Distro** berbasis **Debian**. + +Karena yang akan kita buat adalah *private proxy* yang memerlukan authentikasi _username_ dan _password_ dari akun user di sistem Linux, kita perlu membuat Linux user terlebih dahulu di server yang nantinya akan digunakan untuk proses authentikasi. + +```shell +# membuat user baru +sudo useradd -r -s /bin/false myproxyuser +# mengubah password user baru tersebut +sudo passwd myproxyuser +``` +> _Catatan: Ubah `myproxyuser` diatas dengan user yang ingin Anda gunakan untuk autentikasi._ + +## Instalasi Dante Server + +Karena **Dante** adalah **SOCKS proxy** yang sudah sangat _"mature"_ dan populer, Anda bisa dengan mudah menginstall Dante server dengan _package manager_ bawaan Debian atau Ubuntu: + +```shell +sudo apt install dante-server +systemctl status danted.service +``` + +Setelah proses installasi selesai, system akan secara otomatis mencoba menjalankan _danted.service_, namun _service_ tersebut tidak akan berjalan alias _failed_ karena belum ada metode authentikasi yang wajib dikonfigurasi. + +## Konfigurasi Dante Server + +File konfigurasi Dante berada di `/etc/danted.conf`. Didalamnya sudah ada contoh konfigurasi beserta keterangan yang sangat lengkap untuk apa parameter atau variabel konfigurasi tersebut digunakan. + +Lakukan backup file konfigurasi bawaan tersebut dengan perintah `sudo cp /etc/danted.conf /etc/danted.conf.bak` kemudian ubah konfigurasi pada `/etc/danted.conf` dengan konfigurasi berikut (contoh): + +```plain +# konfigurasi log +logoutput: stderr + +# danted service berjalan pada port 1080 di semua interface +internal: 0.0.0.0 port=1080 + +# interface mana yang akan digunakan untuk semua komunikasi keluar +external: eth0 + +clientmethod: none +socksmethod: username +user.privileged: root +user.unprivileged: nobody +user.libwrap: nobody + +client pass { + from: 0.0.0.0/0 to: 0.0.0.0/0 +} + +socks pass { + from: 0.0.0.0/0 to: 0.0.0.0/0 +} +``` + +Dari contoh konfigurasi diatas, **Dante** akan _listen_ di port `1080` dan semua traffic keluar akan dilewatkan melalui _interface_ `eth0`. + +Anda bisa mengubah _port_ dan wajib menyesuaikan _interface_ sesuai dengan _interface_ yang ada di server Anda. + +Setelah konfigurasi **Dante** selesai disesuaikan dengan kebutuhan, restart servicenya menggunakan perintah `sudo systemctl restart danted.service`. + +Kemudian, lakukan pengecekan apakah `danted.service` sudah berjalan dengan baik dengan perintah `sudo systemctl status danted.service`: + +```plain +● danted.service - SOCKS (v4 and v5) proxy daemon (danted) + Loaded: loaded (/lib/systemd/system/danted.service; enabled; preset: enabled) + Active: active (running) since Thu 2023-11-09 16:51:01 WIB; 1 day 1h ago + Docs: man:danted(8) + man:danted.conf(5) + Process: 885 ExecStartPre=/bin/sh -c uid=`sed -n -e "s/[[:space:]]//g" -e "s/#.*//" -e "/^user\.privileged/{s/[^:]*://p;q;}" /etc/danted.conf`; > + Main PID: 935 (danted) + Tasks: 21 (limit: 9304) + Memory: 18.5M + CPU: 2.701s + CGroup: /system.slice/danted.service + ├─ 935 /usr/sbin/danted + ├─ 955 "danted: monitor" + ├─1494108 "danted: io-chil" + ├─1494116 "danted: io-chil" + ├─1494127 "danted: request" + ├─1495807 "danted: request" + ├─1496272 "danted: negotia" + ├─1496273 "danted: request" + .... snip + +Nov 09 16:51:01 aws-ec2 systemd[1]: Starting danted.service - SOCKS (v4 and v5) proxy daemon (danted)... +Nov 09 16:51:01 aws-ec2 systemd[1]: Started danted.service - SOCKS (v4 and v5) proxy daemon (danted). +Nov 09 16:51:02 aws-ec2 danted[935]: Nov 9 16:51:02 (1699523462.105152) danted[935]: info: Dante/server[1/1] v1.4.2 running +``` + +## Melakukan Testing + +Setelah semua proses diatas selesai, saatnya mencoba menggunakan **proxy server** Anda. Salah satu contoh paling mudah untuk melakukan pengecekan adalah menggunakan `curl` melalui komputer Anda: + +```shell +curl -x socks5://myproxyuser:myproxy_password@server_ip:proxy_port http://ifconfig.me +``` +> _Sesuaikan `myproxyuser`, `myproxy_password`, `server_ip`, dan `proxy_port` dengan authentikasi dan konfigurasi yang sudah Anda lakukan sebelumnya._ + +Dari perintah diatas, Anda seharusnya **mendapatkan alamat IP server proxy Anda**, bukan alamat IP dari ISP yang komputer Anda. + +## Troubleshooting + +Jika Anda tidak bisa melakukan koneksi `SOCKS5` ke _proxy server_ Anda, pastikan _port_ yang digunakan oleh Dante terbuka. jalankan perintah `ufw` berikut (untuk sistem yang berbasis pada Debian) untuk membuka port dari firewall: + + +```shell +ufw allow proto tcp to any port 1080 +``` + +> Catatan: _Ubah port `1080` dan sesuaikan dengan konfigurasi proxy server Anda._ + diff --git a/content/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/index.md b/content/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/index.md new file mode 100644 index 0000000..2eea1ea --- /dev/null +++ b/content/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/index.md @@ -0,0 +1,159 @@ +--- +title: "How to Install and Configure Dante as Private SOCKS Proxy in Ubuntu" +description: "This article helps you setting up and configuring Dante as a private SOCKS proxy on Debian based Linux distribution." +# linkTitle: +date: 2023-11-10T19:56:43+07:00 +lastmod: +draft: false +noindex: false +# comments: false +nav_weight: 1000 +# nav_icon: +# vendor: bootstrap +# name: toggles +# color: '#e24d0e' +series: +# - Tutorial +categories: + - Privacy + - Self-Hosted + - SysAdmin + - Networking +tags: + - SOCKS + - Proxy + - Dante +images: +# menu: +# main: +# weight: 100 +# params: +# icon: +# vendor: bs +# name: book +# color: '#e24d0e' +authors: + - jasmerah1966 +--- + +This article helps you setting up and configuring **Dante** as a **private SOCKS proxy** (with authentication) on **Debian** based Linux distribution. + + +--- +[Dante](https://www.inet.no/dante/) is a _mature_ and stable **SOCKS proxy** developed by **Inferno Nettverk A/S proxy**. This article helps you installing **Dante** as your _**private SOCKS proxy**_ with _username_ and _password_ (`pam`) authentication system. + +## Preparing system + +Before starting, there are several prerequisites that must be met to follow this article: +- Comfortable using Linux terminal. +- A Linux server with a **Debian** based distribution. + +Because what we are going to create is a *private proxy* which requires _username_ and _password_ authentication from a user account on the Linux system, we need to create a Linux user on the server which will be used for the authentication process. + +```shell +# Create new user +sudo useradd -r -s /bin/false myproxyuser +# set the user password +sudo passwd myproxyuser +``` + +> _Note: Change `myproxyuser` above with the user you want to use for authentication._ + +## Install Dante server + +Because **Dante** is a very mature and popular **SOCKS proxy**, you can easily install Dante server with the built-in Debian or Ubuntu package manager. + +```shell +sudo apt install dante-server +systemctl status danted.service +``` + +After the installation process is complete, the system will automatically try to run _danted.service_, but the _service_ will be failed to run because there is no authentication method that must be configured. + +## Configuring Dante server + +Dante configuration file are located at `/etc/danted.conf`. There is an example of a configuration along with a very complete explanation of what the parameters or configuration variables are used for in that default configuration file. + +Backup the default configuration file with `sudo cp /etc/danted.conf /etc/danted.conf.bak` command, then change the configuration in `/etc/danted.conf` with the following example configuration: + +```plain +# log configuration +logoutput: stderr + +# danted service will listen to any available IP addresses on port 1080 +internal: 0.0.0.0 port=1080 + +# which interface will be used for outgoing connection +external: eth0 + +clientmethod: none +socksmethod: username +user.privileged: root +user.unprivileged: nobody +user.libwrap: nobody + +client pass { + from: 0.0.0.0/0 to: 0.0.0.0/0 +} + +socks pass { + from: 0.0.0.0/0 to: 0.0.0.0/0 +} +``` + +From the example configuration above, **Dante** will listen to any available IP addresses on port `1080` and all outgoing traffic will be passed through `eth0` interface. + +You can change the _port_ and you must adjust the `external` _interface_ with your default server interface. + +After adjusting the **Dante** configuration to fit with your needs, restart the service using `sudo systemctl restart danted.service` command. + +Then, check whether `danted.service` is running properly with `sudo systemctl status danted.service` command: + +```plain +● danted.service - SOCKS (v4 and v5) proxy daemon (danted) + Loaded: loaded (/lib/systemd/system/danted.service; enabled; preset: enabled) + Active: active (running) since Thu 2023-11-09 16:51:01 WIB; 1 day 1h ago + Docs: man:danted(8) + man:danted.conf(5) + Process: 885 ExecStartPre=/bin/sh -c uid=`sed -n -e "s/[[:space:]]//g" -e "s/#.*//" -e "/^user\.privileged/{s/[^:]*://p;q;}" /etc/danted.conf`; > + Main PID: 935 (danted) + Tasks: 21 (limit: 9304) + Memory: 18.5M + CPU: 2.701s + CGroup: /system.slice/danted.service + ├─ 935 /usr/sbin/danted + ├─ 955 "danted: monitor" + ├─1494108 "danted: io-chil" + ├─1494116 "danted: io-chil" + ├─1494127 "danted: request" + ├─1495807 "danted: request" + ├─1496272 "danted: negotia" + ├─1496273 "danted: request" + .... snip + +Nov 09 16:51:01 aws-ec2 systemd[1]: Starting danted.service - SOCKS (v4 and v5) proxy daemon (danted)... +Nov 09 16:51:01 aws-ec2 systemd[1]: Started danted.service - SOCKS (v4 and v5) proxy daemon (danted). +Nov 09 16:51:02 aws-ec2 danted[935]: Nov 9 16:51:02 (1699523462.105152) danted[935]: info: Dante/server[1/1] v1.4.2 running +``` + +## Test your server + +After all the processes above are complete, it's time to try using your **proxy server**. One of the easiest way to test is using `curl` from your local computer: + +```shell +curl -x socks5://myproxyuser:myproxy_password@server_ip:proxy_port http://ifconfig.me +``` + +> _Change `myproxyuser`, `myproxy_password`, `server_ip`, and `proxy_port` with the authentication and configuration you have done before._ + +From the `curl` command above, your public IP address should become your proxy server IP address, not your home ISP IP address. + +## Troubleshooting + +If you cannot establish a `SOCKS5` connection to your _proxy server_, make sure the _port_ used by Dante is open. run the following `ufw` command (for Debian-based systems) to open a port from the firewall: + +```shell +ufw allow proto tcp to any port 1080 +``` + +> Note: _Change port `1080` and adjust it to your proxy server configuration._ diff --git a/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_0x360_resize_q75_box.jpg b/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_0x360_resize_q75_box.jpg new file mode 100644 index 0000000..c02d2f2 Binary files /dev/null and b/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_0x360_resize_q75_box.jpg differ diff --git a/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_0x640_resize_q75_box.jpg b/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_0x640_resize_q75_box.jpg new file mode 100644 index 0000000..5332ea4 Binary files /dev/null and b/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_0x640_resize_q75_box.jpg differ diff --git a/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_6a553bf43e1e6455586b0d4a11a62685.webp b/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_6a553bf43e1e6455586b0d4a11a62685.webp new file mode 100644 index 0000000..21c8375 Binary files /dev/null and b/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_6a553bf43e1e6455586b0d4a11a62685.webp differ diff --git a/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_a0b6613731e6bcc4a3c3e4ad5905ca62.webp b/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_a0b6613731e6bcc4a3c3e4ad5905ca62.webp new file mode 100644 index 0000000..349b1c8 Binary files /dev/null and b/resources/_gen/images/tutorials/how-to-install-dante-socks-proxy-on-ubuntu/feature-running-socks-private-proxy_hucd23d725102fc91c948972a3ddf9aed7_47550_a0b6613731e6bcc4a3c3e4ad5905ca62.webp differ