Friday, May 22, 2009

Secure your browsing with SSH

If security concerns you and you have an SSH client on your laptop, and a reachable SSH server that has access to the web here is a great way of securing your traffic.

This method is very useful especially when surfing on public/unsecured WLANs and will make sure your http traffic is encrypted so some bad guy with a sniffer program cannot read your data.

Please note: that this will only encrypt your data from you to the server you will be forwarding the traffic to, from there to the internet the data will be again unsecured.

From your station run:

$ssh -DN 9999 username@ip-address-of-ssh-server





The -N option tells SSH server side not to open for prompt (this is available on SSH version 2 and later).
The -D options tells SSH to listen on a specific port (9999) and forward the traffic to our server.

This will create a SOCKS proxy on your station.
Next open your browser and set a proxy for: localhost:9999


That's it! From now on the traffic between you and SSH server will be encrypted, so no one on your LAN will be able to decrypt/listen to your valuable traffic.

No comments: