I've read the wikipedia article on socks and cannot find information about encryption between client and proxy-server. There is only information about authentication.
Is socks5 connection a plain-text?
Asked
Active
Viewed 2.1k times
1 Answers
18
SOCKS5 is just a transport protocol on top of TCP/UDP but below application layer. Thus it's comparable with TCP and UDP, too. There's no inherent encryption in SOCKS, but you application has to care about this (it's not a VPN technology, but a proxy at last). If you want encryption, the protocol you speak inside of the SOCKS-channel has to provide it.
Andreas Wiese
- 10,112
- 1
- 32
- 38
-
3Alternatively, the protocol SOCKS runs on top of can provide encryption. A very common way to use SOCKS is over SSH (built into OpenSSH) - in that scenario SOCKS would run over the encrypted SSH connection. – Bob Aug 17 '17 at 06:37
-
3… but in this case you should remember that only the SSH connection is actually encrypted (SSH client to SSH server) — SSH doesn't ensure encryption between the SSH server (your eventual SOCKS proxy) and the actual destination. – Andreas Wiese Aug 17 '17 at 06:42
-
1@AndreasWiese: so does this mean that if authentication is enabled, the password is transmitted in plain text? – kontextify Apr 16 '18 at 12:55
-
@kontextify the SSH password is not transmitted in plain text since the SSH connection is encrypted. But it is better to use SSH password / certificate key authentication instead of just password to prevent bruteforce attacks. Note that a SOCKS proxy made with an SSH tunnel does not support UDP. – baptx Feb 11 '20 at 12:16
-
@AndreasWiese: well, in a VPN it's the same – Osqui Jan 31 '21 at 17:21