Proxy over SSH
From Rabbi Blog
History
Basing this post on the previous VNC over SSH article, I was thinking of a way to be slightly more secure while using Wireless Hot Spots (Internet Cafes for example), where someone with sniffing programs could be lifting your username, passwords and email that you read right from the wireless connection.
Ingredients
- A proxy server running in your 'home' network
- SSH server running on the same box (or on your home network for advanced users)
- An open port in your firewall pointing to the SSH server (changing your SSH port is recommended for security)
- Putty on your laptop (or remote PC)
Prerequisites
- Setup your proxy server and record the port that it runs on. I'm using Squid proxy (port 3128)
Remote Laptop Steps
- Open putty and connect to your home network SSH server
- Add the tunnel for the proxy server (3128 for squid)
- See the previously mentioned [[VNC over SSH|article] on this
- Open IE or Firefox (or whatever)
- Add the following LAN Proxy settings: 127.0.0.1:3128
Enjoy surfing via your secure SSH tunnel!
Verify
To verify this is working, do the following:
- Browse to www.whatismyip.com and note the IP
- Perform the Remote Laptop Steps
- Browse to www.whatismyip.com and note the IP
You should notice a DIFFERENT IP and you should recognize it as your home network's external IP.
Further applications
- Reroute your email client through the tunnel