SSH Tunneling to secure HTTP connections
Professional Poster
Join Date: Oct 2001
Hi, using the campus network makes me feel paranoid that someone's sniffing all my traffic. There are several websites that I have to log in to and my password is sent in the clear for them, so to secure these connections I'd like to use SSH tunneling. I already secure my SMTP using this method; however, in that case I connect to a specific port at a specific destination using this command:
Code:
ssh -N -p 22 -c 3des myuser@myremoteserver.com -L 10025/localhost/25
Could I just modify that to this to secure all my web connections:
Code:
sudo ssh -N -p 22 -c 3des myuser@myremoteserver.com -L 80/localhost/80
The thing is that I don't really have a strong grasp on what that command does. I believe the SMTP command tells it to log in securely to my remote server on its SSH port, and then redirect traffic sent to localhost on port 10025 to the remote host's SMTP port.
Running the second command seems to work as expected, and web connections do work (except for some reason it requires me to type in my password, unlike the first, which is odd since I have 3des public/private keys on my local box and the remote machine, and because of that it doesn't ask for my password when I do SMTP tunneling).
Other than that, the second command for HTTP tunneling seems to execute, but I don't know if it's actually working. If my interpretation of the SMTP command is correct, then it wouldn't make sense to forward traffic from my machine's requests to port 80 to the remote machine's port 80.
Essentially, am I doing it properly (probably not), and if not then how do I do it?
Edit: Or I might have to make a proxy with the -D option with ssh. I've tried doing this by following guides online by using this command:
Code:
/usr/bin/ssh -N -p 22 -c 3des -D 1080 myuser@myremoteserver &
And configuring my web browsers to use localhost:1080 as the proxy, but that didn't work, and I was unable to access any website.
Professional Poster
Join Date: Apr 2001
Location: Long Beach, CA
I've never gotten it to work either, but I haven't actually tried since I learned this additional detail... the dynamic forwarding in SSH is a SOCKS proxy, not a normal proxy. Give that a shot.

ACSA 10.4/10.3, ACTC 10.3, ACHDS 10.3
Professional Poster
Join Date: Oct 2001
Hmm I'm pretty sure I tried both ways, no luck 
Mac Enthusiast
Join Date: Mar 2000
I think I got it. At least, http://www.whatismyip.com/ shows the IP of the machine I'm using for proxy.
This is what I did (simple version, standard encryption algos):
Code:
ssh -f -D 8080 myuser@myremoteserver.com sleep 3600m
Then I configured the Proxies of my Network settings to this:
Configure Proxies: Manually
SOCKS Proxy Server: localhost:8080
The nicety of using port 8080 is that you don't even need root access.
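The point made in the two posts above (the ssh -D listener speaks SOCKS, not HTTP proxy) shown at the byte level, as an added example that is not part of any post in this thread. It builds the SOCKS5 messages a client sends to the -D port per RFC 1928 and shows why a browser configured for an HTTP proxy on that port is not understood; the function names and sample hosts are constructed for illustration.

```python
import ipaddress
import struct

SOCKS5, NO_AUTH, CMD_CONNECT = 0x05, 0x00, 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
REPLIES = {0x00: "succeeded", 0x01: "general failure",
           0x02: "not allowed by ruleset", 0x03: "network unreachable",
           0x04: "host unreachable", 0x05: "connection refused"}

def greeting() -> bytes:
    """Client hello: version 5, one method offered (no authentication)."""
    return bytes([SOCKS5, 1, NO_AUTH])

def connect_request(host: str, port: int) -> bytes:
    """CONNECT request. A hostname is sent as ATYP_DOMAIN so the far end of
    the tunnel resolves it and no DNS query crosses the local network."""
    head = bytes([SOCKS5, CMD_CONNECT, 0x00])
    try:
        ip = ipaddress.ip_address(host)
        atyp = ATYP_IPV4 if ip.version == 4 else ATYP_IPV6
        addr = bytes([atyp]) + ip.packed
    except ValueError:
        name = host.encode("idna")
        if not 0 < len(name) <= 255:
            raise ValueError("hostname must be 1..255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    return head + addr + struct.pack("!H", port)

def parse_reply(data: bytes) -> str:
    """Decode the status byte of the server's reply to a CONNECT request."""
    if len(data) < 2 or data[0] != SOCKS5:
        raise ValueError("not a SOCKS5 reply")
    return REPLIES.get(data[1], f"error 0x{data[1]:02x}")

def classify_first_bytes(data: bytes) -> str:
    """What a listener on the -D port sees first from a client."""
    if data[:1] == b"\x05":
        return "socks5"
    if data[:1] == b"\x04":
        return "socks4"
    if data.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD", b"CONNECT"):
        return "http-proxy"   # plain text, not a SOCKS version byte
    return "unknown"

if __name__ == "__main__":
    print(connect_request("example.com", 80).hex())
    print(classify_first_bytes(b"GET http://example.com/ HTTP/1.1\r\n"))
```

A client set to "HTTP proxy" opens with the text of a request line, whose first byte is not a SOCKS version number, so the proxy setting has to be the SOCKS one for the -D port to answer.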
Professional Poster
Join Date: Oct 2001
Originally Posted by cla
I think I got it. At least, http://www.whatismyip.com/ shows the IP of the machine I'm using for proxy.
This is what I did (simple version, standard encryption algos):
Code:
ssh -f -D 8080 myuser@myremoteserver.com sleep 3600m
Then I configured the Proxies of my Network settings to this:
Configure Proxies: Manually
SOCKS Proxy Server: localhost:8080
The nicety of using port 8080 is that you don't even need root access.
Wow, ok, here's the thing, that works with Safari, but I can't get it to work with Firefox (my main browser). Firefox won't go to any site if I set it to use the SOCKS proxy in its settings. If you try to go to any site, it'll just seem like it quickly refreshed a blank page, and do nothing.
Any ideas?
Edit: Also, something else that I thought about. My remote server is something I pay for, so wouldn't using this toll up the bandwidth usage...?
(Last edited by itistoday; Jul 12, 2005 at 01:20 PM.)
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Originally Posted by itistoday
Hi, using the campus network makes me feel paranoid that someone's sniffing all my traffic. There are several websites that I have to log in to and my password is sent in the clear for them, so to secure these connections I'd like to use SSH tunneling.
Are these websites just some random sites on the internet, or are these actual webservers that you have admin access to?
If I understand SSH tunneling correctly, you need SSH access on BOTH ends. As long as you have that, you should be able to set up a secure tunnel.
I have done secure tunneling of VNC and AFP between my iBook and my Mac mini, using the following commands:
Example AFP secured:
ssh -L 10548:remoteserver.com:548 -N 127.0.0.1
Tunnels AFP (port 548) of remote server (remoteserver.com) to 127.0.0.1:10548 (= localhost)
To connect, I used Finder's connect to server: afp://127.0.0.1:10548
A great help is an app called SSH Tunnel manager:
http://projects.tynsoe.org/en/stm/
So, analogous to that, try the following:
ssh -L 8080:remoteserver.com:80 -N 127.0.0.1
-t
(Last edited by turtle777; Aug 20, 2005 at 11:50 PM.)
Professional Poster
Join Date: Apr 2001
Location: Long Beach, CA
Originally Posted by turtle777
Are these websites just some random sites on the internet, or are these actual webservers that you have admin access to?
If I understand SSH tunneling correctly, you need SSH access on BOTH ends. As long as you have that, you should be able to set up a secure tunnel....
It's a lot easier to snoop the local network than it is an internet connection. Someone on campus could easily listen to everything you are doing. This would theoretically be possible over a cable modem, but you have bigger bandwidth issues, as speeds are asynchronous.
See ettercap.

ACSA 10.4/10.3, ACTC 10.3, ACHDS 10.3
Mac Elite
Join Date: Aug 2001
Location: Madison, WI
Could you put your own VPN server up somewhere? I have a Linksys WRT54g with the Satori firmware, and it contains a PPTP server. A quick VPN hookup, and you could encrypt *all* your network traffic.
OS X: Where software installation doesn't require wizards with shields.
Professional Poster
Join Date: Oct 2001
Originally Posted by C.J. Moof
Could you put your own VPN server up somewhere? I have a Linksys WRT54g with the Satori firmware, and it contains a PPTP server. A quick VPN hookup, and you could encrypt *all* your network traffic.
While that would definitely work I don't think my host allows that, I don't even think it's possible with shared-hosting... I don't have a dedicated machine 
Mac Elite
Join Date: Aug 2001
Location: Madison, WI
Remotely run a web browser on the hosted box, exporting the display over X11, hooked up via an SSH tunnel?
But shared hosting might not support that either....
OS X: Where software installation doesn't require wizards with shields.