25Aug/122

Encrypted Web Browsing With SSH and Ubuntu

Every now and then, you may be forced to use an unencrypted wireless access point to access the internet. Many hotels and coffee shops leave their access points unencrypted, instead relying on other solutions such as captive portals to authenticate customers. This keeps unauthorized users off the network (sort of), but it doesn't encrypt anything between you and the access point. This could allow a malicious hacker to intercept personal information, such as passwords. With an SSH server at home, you can encrypt your web traffic and slingshot it back to your house. Your SSH server will then decrypt it and send it back out to the internet, as if you were browsing from inside your secure home network. Interested? Read on.

After connecting to an access point, go to whatismyip.org, and make a mental note of your IP address. Next, open a terminal and run

ssh -D 8080 user@server

If you are using a slow network, add -C for compression. I've done this when tethering over edge, and noticed a slight speed boost.

Go to System Settings... > Network > Network Proxy

In the Method drop-down menu, choose Manual.

Set Socks Host to 127.0.0.1 (also known as loopback)

Set the port to 8080

Click Apply system wide

Open a web browser and go back to whatismyip.org. If your ssh session is open, and your proxy is configured correctly,  your IP address should now be different than it was before. This is because all of your web traffic is being encrypted before traversing the wireless network, and being routed back to your ssh server, where it exits to the internet. You can start using unencrypted access points again!

- Joel / FuelCell250

 

  • Jonathan Frouman

    what is the user@server supposed to be?

    • Badger32d

      the username and server you’re intending on connecting to. For example, if you had a ssh server accessible at hackedpotates.com, you could do ssh -C -D 8080 jonathan@hackedpotatoes.com. Hope that makes sense.

      –Badger