Bittorrent over SSH

There are many guides on the internet explaining how to direct your bittorrent traffic over an SSH tunnel, this is another one:

The SSH command to open the tunnel on the local computer is this:

ssh -2 -R 22333: -A -D 1080 username@remoteserver.domain

  • You can replace 22333 with any other portnumber between 1024 and 65536.
  • 1080 is the port you need to use for this tunnel (socks protocol).

Log in with an existing user name on the remote computer. If it is a MAC, go to system preferences on the remote computer, Sharing, and enable Remote Login for the user who is supposed to accept the SSH tunnel (create a dedicated user if convenient).

To enable automatic login on the local computer without providing a password you need to create a RSA key. Open terminal and enter:

ssh-keygen -t rsa

And follow the instructions. On a MAC open terminal and list the files in the hidden directory ".ssh". Now you need to copy the public key file to the remote computer by using SCP:

scp username@remoteserver

On the remote computer this file also needs to be located/moved in the hidden .ssh directory. Create this directory if it does not exist. Now you should be able to use the SHH command on the local computer to create the tunnel without having to enter the password.

The next step is to set your bittorrent client on the local computer to use the 1080 socks port of the tunnel. What you need to look for in the clients network/torrent configuration is the area called "proxy and incoming TCP port". Enable proxy (no password required) and enter the proxy tunnel port number 1080 and incoming port 22333. See examples below:


That should do the job, test the tunnel by downloading a file, if you disconnect the tunnel with CTRL+C your download should also stop.

If you want to make life easier you can create a workflow and application with the MAC Automator. Select "Run Shell Script" and use the following script, the application will run and keep the SSH tunnel open (the litte gear will keep spinning):

createTunnel() {
ssh -q -2 -R 22334: -A -D 1080 username@remoteserver.domain

while :
lsof -i -n | egrep '\<ssh\>' | wc -l
if [[ $? -eq 0 ]]; then

A better option over SSH would be a VPN tunnel. Proper open source support in the form of a VPN server for the remote server (or computer) and a VPN client is still not very common, but perhaps the software below (for MAC users) available for a small fee might be of help, see