Richard in Linux 5 minutes

Route HTTP Traffic Securely Over SSH

It’s a common dilemma: you want to access your online banking, but you are on an insecure Wi-Fi network with your trusted Mac. What can you do?

This solution requires an SSH connection to a Linux server. It doesn’t need to be a root or admin user; a simple account is good for now. The other part is the Firefox web browser.

Open a terminal client and type this:

$ ssh -D 8090 -f -C -q -N richard@outofthe.net

Let’s break it down:

-D port Specifies a local “dynamic” application-level port forwarding. This works by allocating a socket to listen to port on the local side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. Currently the SOCKS4 and SOCKS5 protocols are supported, and ssh will act as a SOCKS server. Only root can forward privileged ports. Dynamic port forwardings can also be specified in the configuration file.

-f Requests ssh to go to background just before command execution. This is useful if ssh is going to ask for passwords or passphrases, but the user wants it in the background. This implies -n. The recommended way to start X11 programs at a remote site is with something like ssh -f host xterm.

-C Requests compression of all data (including stdin, stdout, stderr, and data for forwarded X11 and TCP/IP connections). The compression algorithm is the same used by gzip(1), and the “level” can be controlled by the CompressionLevel option for protocol version 1. Compression is desirable on modem lines and other slow connections, but will only slow down things on fast networks. The default value can be set on a host-by-host basis in the configuration files; see the Compression option.

-q Quiet mode. Causes all warning and diagnostic messages to be suppressed.

-N Do not execute a remote command. This is useful for just forwarding ports (protocol version 2 only).

This won’t return anything, but don’t worry: you can check it’s still running with:

$ ps ax | grep ssh

Now go into Firefox -> Preferences -> Advanced -> Connection -> Settings.

You want a manual proxy configuration: the SOCKS host is 127.0.0.1 and the port is 8090. Then click OK.

Verify it works by checking that your IP has changed here

Done.
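
A scripted version of the two checks above, as an added example that is not part of the original post: it confirms the SOCKS port from `-D 8090` is bound to loopback only (so other machines on the Wi-Fi network cannot use it) and that traffic sent through the proxy leaves from a different public IP. The function names and the `IP_ECHO_URL` variable are assumptions made for this example; it expects `lsof` and `curl` to be installed, and you supply the URL of any service that returns your public IP as plain text.

```shell
#!/bin/sh
# Added example: socks_listener_scope, tunnel_verdict and IP_ECHO_URL are hypothetical names.
PORT=8090   # the -D port used on this page

# Constructed sample of `lsof -nP -iTCP:8090 -sTCP:LISTEN` output (not captured from a real host).
SAMPLE_LSOF='COMMAND PID USER    FD  TYPE DEVICE SIZE/OFF NODE NAME
ssh     4242 richard 5u  IPv4 0xabc1      0t0  TCP 127.0.0.1:8090 (LISTEN)
ssh     4242 richard 6u  IPv6 0xabc2      0t0  TCP [::1]:8090 (LISTEN)'

# Read lsof listener lines on stdin; print loopback, exposed or absent for the given port.
# "exposed" means the SOCKS port accepts connections from other hosts on the local network.
socks_listener_scope() {
    awk -v port="$1" '
        $10 == "(LISTEN)" && $9 ~ (":" port "$") {
            addr = $9; sub(/:[0-9]+$/, "", addr)
            if (addr == "127.0.0.1" || addr == "[::1]") loop = 1; else exposed = 1
        }
        END { print (exposed ? "exposed" : (loop ? "loopback" : "absent")) }'
}

# Compare the public IP seen without the proxy ($1) and through it ($2).
tunnel_verdict() {
    if [ -z "$1" ] || [ -z "$2" ]; then echo unknown
    elif [ "$1" = "$2" ]; then echo not-tunnelled
    else echo tunnelled
    fi
}

# Live check, run as: IP_ECHO_URL=<plain-text IP echo service> sh check.sh --live
if [ "${1:-}" = "--live" ]; then
    : "${IP_ECHO_URL:?set IP_ECHO_URL to a service that returns your public IP as text}"
    scope=$(lsof -nP -iTCP:"$PORT" -sTCP:LISTEN 2>/dev/null | socks_listener_scope "$PORT")
    direct=$(curl -fsS --max-time 10 "$IP_ECHO_URL" || true)
    # socks5h: the hostname is resolved at the far end of the tunnel, not on the local network.
    proxied=$(curl -fsS --max-time 10 -x "socks5h://127.0.0.1:$PORT" "$IP_ECHO_URL" || true)
    echo "listener: $scope, egress: $(tunnel_verdict "$direct" "$proxied")"
fi
```

Firefox offers the same behaviour as `socks5h` through the "Proxy DNS when using SOCKS v5" option in its connection settings; when that option is off, hostname lookups still go out over the local network.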