Your Ad Here

Encrypt Browser Traffic On a Public Wifi

 featured, Linux, Mac, Network Security, web, Windows  Add comments
Nov 202009
 

Hi Everone! I have been visiting a coffee shop a lot lately that offers free WiFi. I have been using the connection to work on various things. I wanted to make sure that my browsing had some encryption to avoid sending out plain text data, so I figured out how to route my browser traffic through an SSH connection! The method basically uses an SSH connection as a proxy for the browser.

You will need:

  • An SSH server that you can log into.
  • An SSH Client on the computer you are using.
  • A web browser.

The first thing we will need to do is connect to the SSH server. We will be using a special command flag when logging in in order to set a port and to avoid opening up an interactive shell. The command you will run is:

ssh -ND 9999 you@example.com

Replace “you” with your login name for the server and “example.com” with the address of the server. You will notice that after you enter your password, nothing will happen. It will just sit there. That is exactly what we want. Now, minimize the SSH client or Terminal window. Next, open your browser. I will show you the settings for Firefox, but the setup is more or less the same for other browsers.

In Firefox

Open your Firefox settings. In Windows, it’s in the “Tools” menu. In Linux, it’s in the “Edit” menu. In Apple, it’s in the “Firefox” menu. Once you have the settings window open, click on the “Advanced” section and then the “Network” tab. Next, click the “Settings” button next to where it says, “Configure how Firefox connects to the internet”. Select the option that says “Manual Proxy Configuration”. The only thing we change here is the SOCKS Host and the Port. For the SOCKS Host, enter “localhost” and 9999 for the port number. It should look like this:

socksfirefoxconnection

This is a very old method for setting up a SOCKS Proxy, but it works quite well. Please feel free to comment!

Written by: Tom Duffy on November 20, 2009.on March 3, 2010.
 Posted by at 3:50 pm
  • http://n/a dave arnold

    pretty sweet technique, I’ll have to give it a shot, any ideas as to which ssh client on might want to run on xp? This wont work through PuTTY, will it?

  • admin

    Hey Dave,

    Yes, Putty should work with some tweaking. You need to be able to add the custom ssh flag. Your best bet for Windows is to install Cygwin which basically gives you bash for windows!

  • Shastl Andre

    Hi Tom,
    My brain actually hurts from attempting to wrap itself around how to do this on my macbook, but I learned some new things today nevertheless! This inspired me to poke around the web to try to figure it out. I got too tired to complete the arduous process however. Perhaps I will have the courage to continue at a later date. Thank goodness for people like you. : )

  • admin

    Hi Shastl,

    Thanks for your comment! You need to have an account with remote shell access to make this work. I’m assuming that is what is missing. You can get a free account if you like. The free ones are usually quite slow and not very well run. Here’s a list of free ssh accounts:

    http://shells.red-pill.eu

    Once you have a shell account and have logged in once or twice, this tutorial will make a LOT more sense!

    Tom

  • S. PANTS

    Here’s what I do on my Mac OS X notebook:

    ssh -TnNf -D 8080 REMOTE_HOST 1>/dev/null 2>/dev/null

    Substitute REMOTE_HOST for the name of your shell machine.

    Start Chrome like so:

    open -a “/Applications/Google Chrome.app” –args –proxy-server=socks5://localhost:8080

  • http://blog.jricher.com Jacques Richer

    You will also want to go into about:config and set network.proxy.socks_remote_dns to true. This makes the browser use the remote server for DNS so that the local network cannot determine which websites you’re visiting. Google DNS leakage.

   
© 2011 Tech Remedy Suffusion theme by Sayontan Sinha