I've been traveling a bit this week, which means I've also been accessing the net on untrusted networks. For general web surfing this doesn't both me, but when it comes to editing my blogs or accessing any web service that doesn't authenticate over SSL, I'd feel better if I knew my passwords weren't floating past some coffee shop's network admin in clear text. Fortunately, there's an easy solution: SSH tunneling.
There's plenty of information online that describes how SSH tunneling works and how to set it up, but not surprisingly, you have to do a bit of Googling to actually find concise, step-by-step instructions that actually work. So here we go: Erik's Three-Step Plan for Looking Like You Know What You're Doing SSH Tunneling. (For the record, I'm using a PowerBook running OS X, tunneling to a server running Ubuntu Linux.)
[STEP 1] On the remote server I'm running Privoxy (an HTTP proxy.) On a Debian/Ubuntu box, getting Prixovy running is as complicated as typing: sudo apt-get install privoxy
[STEP 2] Assuming you can SSH into your remote server (ie., no firewall blockage) launch Terminal.app and issue something like this: ssh -N -L 8118:127.0.0.1:8118 remoteuser@serveraddress
(changing "remoteuser" and "serveraddress" appropriately.) Using the -N
flag you'll still need to authenticate with the server, but you won't actually get a command prompt -- the window will just look like nothing's happening.
[STEP 3] Tell your browser to use a proxy for HTTP and HTTPS running at 127.0.0.1 on port 8118.
You're done! You can now hit WhatIsMyIP to see it working.
Of course, just like other three-step programs, there's a little fine print and few extra details that might help to know:
Happy Surfing!