May 21, 2011

Secure browsing with an SSH port-forwarding SOCKS proxy

When we're browsing the web from a public place we'd like to ensure all our traffic travels over an encrypted channel. We can accomplish this easily with an SSH-based proxy. You're going to need a shell (SSH) account on a remote server. The following process will work on *nix and OSX and probably other systems as well. For Windows you'll want to use something like PuTTY/Plink, but beyond that you're on your own.

Create a file in your home directory and name it whatever you like; I'm using tunnel.sh. In that file enter the following:

ssh user@server.com -p 22 -ND 8080

First of all, pay attention to case here: we're using a lowercase -p to specify the remote port we're connecting on, and a capital -D to specify the local port to serve the proxy from. If you're connecting to your server via port 22 as shown, you can actually leave it off, but I've included it in the example since many sysadmins use non-standard ports for SSH (and so should you, if possible). The -N is optional and signals SSH not to open a shell session, so after you've connected and provided a password, the command will simply sit there as if it were hanging, instead of providing you with a command prompt.

Let's flag our file as executable:

chmod +x tunnel.sh

Now we can run our file, which will connect to your server and prompt you for your password. Once you enter your password it will simply sit there. You must keep this window open, so either minimize it or move it to a different desktop if you can. Now we have a SOCKS5-compatible port-forwarding proxy at our disposal. Normally when you make a request over the internet, it travels from your computer's network card to your local router and then to the internet, effectively in plaintext. Anyone with the slightest inclination is able to view what sites you're visiting, and obtain your login information if it is not being transmitted in a secure fashion (including email, FTP, and many websites). You may have been following the whole Firesheep fiasco.

Now that we have our SSH proxy running, we can tunnel all of our traffic through an SSH-encrypted channel, which effectively hides all of your internet traffic from curious/malicious users on your local network. In order to do this we have to tell our software to use the local proxy running on port 8080. For Firefox I recommend FoxyProxy. Most instant messengers allow you to use a proxy for a given account. In either case, you need to make sure that you use "localhost", port 8080, and select the SOCKS5 proxy option. You can check that it works by checking your IP at http://checkip.dyndns.org before and after enabling the proxy.
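The before-and-after IP check described above can also be scripted. This is an added example, not part of the original post: the function names and the sample reply are constructed for illustration, and it assumes curl is installed and the tunnel from tunnel.sh is listening on localhost:8080.

```shell
#!/bin/sh
# Added example: confirm that traffic really leaves via the SSH SOCKS proxy.

CHECK_URL="http://checkip.dyndns.org"   # IP echo service named in the post
PROXY="localhost:8080"                  # matches -D 8080 in tunnel.sh

# Constructed sample of the kind of HTML reply the service sends (documentation IP).
SAMPLE_REPLY='<html><body>Current IP Address: 203.0.113.7</body></html>'

# Pull the first dotted-quad IPv4 address out of a reply body.
extract_ip() {
    printf '%s\n' "$1" | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' | head -n 1
}

# Compare the address seen without the proxy to the one seen through it.
# Returns 0 only when a proxied address was obtained and it differs.
tunnel_verdict() {
    direct_ip=$1
    proxied_ip=$2
    if [ -z "$proxied_ip" ]; then
        echo "FAIL: no reply through proxy (is tunnel.sh still running?)"
        return 2
    fi
    if [ "$direct_ip" = "$proxied_ip" ]; then
        echo "FAIL: same address ($direct_ip) both ways; traffic is not tunnelled"
        return 1
    fi
    echo "OK: direct=$direct_ip proxied=$proxied_ip"
}

# Live check. --socks5-hostname hands the hostname to the proxy, so the DNS
# lookup also happens on the remote server instead of the local network.
live_check() {
    direct=$(curl -s --max-time 10 "$CHECK_URL")
    proxied=$(curl -s --max-time 10 --socks5-hostname "$PROXY" "$CHECK_URL")
    tunnel_verdict "$(extract_ip "$direct")" "$(extract_ip "$proxied")"
}

# Touch the network only when asked: ./checktunnel.sh --live
if [ "${1:-}" = "--live" ]; then
    live_check
fi
```

Run it with --live once the tunnel is up; a FAIL result means the application you configured would also be sending its traffic outside the tunnel.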
