Search My Blog

Saturday, April 2, 2011

SSH tunneling for secure web surfing | parabing!

SSH tunneling for secure web surfing

On April 1, 2011, in HowTOz, by subZraw

Mindlessly surfing from an insecure location such as a coffee shop, a hotel room or even your workplace? Sure you are and we can understand the need -and oftentimes the urge- to be online. Hopefully, there’s an easy way to have all the security of the world and check your email and/or surf the web at the same time.

The idea here is that you establish a secure, encrypted SSH tunnel from your laptop to a remote box you own or at least have an account on. By doing this you essentially bypass the local router and surf through the remote machine. So, not only do you avoid attacks such as packet sniffing or SSL stripping, but you also go around any technical barriers (e.g. URL blacklisting) the admin of the local network you’re getting online from has in place.

Before we demonstrate exactly how you can accomplish that, we should clarify a few things about the remote computer. First off, its operating system should be either Linux, BSD or Mac OS. The box must be online and capable of accepting inbound network connections, that is to say connections from the Internet. What the latter usually implies is that the proper port forwarding or NAT rule is already setup in the router the computer connects to. More specifically, the remote computer runs an SSH server and accepts inbound connections to the appropriate port (the default is 22). Furthermore, the firewall it may have enabled should allow for connections to that port.

As for the client machine, i.e., the laptop or even the desktop computer you intent to establish a secure tunnel from, it may be running any operating system you like.

There’s one more thing. Sometimes it’s best for the client and server to be configured for passwordless SSH logins. Such an arrangement is not mandatory but it sure makes things easier. Check this post out if you want to know how to accomplish that.



No comments: