diff --git a/modules/openssh.nix b/modules/openssh.nix
index 1b02e46..d05b702 100644
--- a/modules/openssh.nix
+++ b/modules/openssh.nix
@@ -23,7 +23,7 @@
 
     settings = {
       AllowAgentForwarding = "no";
-      AllowTcpForwarding = "no";
+      AllowTcpForwarding = lib.mkDefault "no";
       ChallengeResponseAuthentication = "no";
       ClientAliveCountMax = lib.mkDefault 2;
       Compression = "NO";
diff --git a/systems/bob/configuration.nix b/systems/bob/configuration.nix
index 8e8f3ba..ed89c2b 100644
--- a/systems/bob/configuration.nix
+++ b/systems/bob/configuration.nix
@@ -1,6 +1,7 @@
 {
   imports = [
     ../../users/richie/global/desktop.nix
+    ../../users/richie/global/ssh.nix
     ../../users/richie/global/syncthing_base.nix
     ../../users/richie/global/zerotier.nix
     ./hardware.nix
diff --git a/systems/jeeves-jr/configuration.nix b/systems/jeeves-jr/configuration.nix
index 6ef19db..1f2f1b6 100644
--- a/systems/jeeves-jr/configuration.nix
+++ b/systems/jeeves-jr/configuration.nix
@@ -1,6 +1,7 @@
 { pkgs, ... }:
 {
   imports = [
+    ../../users/richie/global/ssh.nix
     ../../users/richie/global/zerotier.nix
     ./docker
   ];
diff --git a/systems/jeeves/configuration.nix b/systems/jeeves/configuration.nix
index cdb06aa..027272d 100644
--- a/systems/jeeves/configuration.nix
+++ b/systems/jeeves/configuration.nix
@@ -1,6 +1,7 @@
 { pkgs, ... }:
 {
   imports = [
+    ../../users/richie/global/ssh.nix
     ../../users/richie/global/syncthing_base.nix
     ../../users/richie/global/zerotier.nix
     ./docker
diff --git a/users/richie/global/ssh.nix b/users/richie/global/ssh.nix
new file mode 100644
index 0000000..9d38997
--- /dev/null
+++ b/users/richie/global/ssh.nix
@@ -0,0 +1 @@
+{ services.openssh.settings.AllowTcpForwarding = "yes"; }
diff --git a/users/richie/home/gui/default.nix b/users/richie/home/gui/default.nix
index 45f1c35..1c2cd5d 100644
--- a/users/richie/home/gui/default.nix
+++ b/users/richie/home/gui/default.nix
@@ -16,8 +16,9 @@
     mediainfo
     obs-studio
     obsidian
+    proxychains
     sweet-nova
-    vlc
     util-linux
+    vlc
   ];
 }
diff --git a/users/richie/home/sshconfig.nix b/users/richie/home/sshconfig.nix
index 83d935a..b74279e 100644
--- a/users/richie/home/sshconfig.nix
+++ b/users/richie/home/sshconfig.nix
@@ -8,18 +8,21 @@
         user = "richie";
         identityFile = "~/.ssh/id_ed25519";
         port = 629;
+        dynamicForwards = [ { port = 9050; } ];
       };
       jeevesjr = {
         hostname = "192.168.90.35";
         user = "richie";
         identityFile = "~/.ssh/id_ed25519";
         port = 352;
+        dynamicForwards = [ { port = 9050; } ];
       };
       bob = {
         hostname = "192.168.90.25";
         user = "richie";
         identityFile = "~/.ssh/id_ed25519";
         port = 262;
+        dynamicForwards = [ { port = 9050; } ];
       };
       rhapsody-in-green = {
         hostname = "192.168.90.221";