In the first part of this article I introduced Public Key Encryption and SSH. In this part, we will look at how to use SSH to secure your traffic when using an untrusted network.
As previously mentioned, this was partly inspired by events from SuperHappyDevHouse. At the last event we wanted to promote the idea of encrypting your traffic. One of the ideas was to simply write out the command for encrypting your SSH traffic on whiteboards that were placed around the house for collaboration. This was a step in the right direction as people came up to the group of people I was with and asked for help. At least we brought awareness to this problem.
The code we posted was simple:
sudo ssh -l <username> -NfD <port> <ip>
This creates an SSH tunnel that acts as a SOCKS5 proxy server using the specified port. All traffic going through this proxy will be tunneled through SSH and thus be encrypted. Before we get ahead of ourselves, let’s take a look at the options we specified.
- -l – Specifies the username on the remote server
- -N – Tells SSH not to run any remote commands.
- -f – Has SSH run in the background.
- -D – This is the option that actually creates the SOCKS server.
Thank you Mike Lundy for preparing the command for everyone!
Now that we have SSH running in the background as a SOCKS proxy server, we need to configure our applications to use it. For our example we will look at configuring Firefox to send all of its traffic over SSH.
Under Tools->Options, navigate to “Advacned” and click on the “Network” tab. When you click on the “Settings” button, it will bring up options for “Connection Settings.” Here you can manually configure your proxy settings by clicking the “Manual proxy configuration” radio button and then under “SOCKS Host:” type “localhost” and the port specified in the ssh command you issued earlier under “Port.” Click “OK” and you now have all of your Firefox traffic being tunneled through SSH.