Saturday, April 9, 2011

Creating an SSH tunnel to a safe(r) network

This post shows how to establish an encrypted tunnel to another computer on a remote network, using the port forwarding feature of SSH clients on UNIX and a proxy server running on the remote network (in this case 'polipo'). First, a proxy server is started on the remote network. Here, polipo listens on port 9000 and is set to listen on, and accept connections from, only the localhost. This way, even if the proxy server does not implement any kind of authentication, it is secure from requests originating from any machine other than the localhost.

Once the proxy server is up and listening for connections from the localhost, we establish an SSH tunnel to this server with the following configuration:

Local port : 81 (port that the browser uses as the proxy port)
Remote IP : localhost (since we have configured our proxy server to only listen on localhost)
Remote Port : 9000 (since the proxy server listens on port 9000)

This is achieved by running the ssh client with the following arguments:

ssh [user]@[remoteIP] -L 81:localhost:9000 -N

This is a stripped-down way of using the tunnel. Compression can be enabled with the -C option, and the client can be made to run in the background with the -f option. The -N option ensures that no remote commands are executed and only port forwarding is used.

When the above command is run, it will ask the user for the login credentials of the remote server. Once authentication succeeds, all requests directed to the localhost on port 81 will be forwarded through an encrypted tunnel to the remote server on port 9000.

To test the above setup, modify the proxy settings of your browser to direct all requests to "localhost" on port 81 (or any other forwarded port) for all protocols, then try to load any website in the browser. If everything is working as expected, you should be able to surf the internet smoothly. To confirm that your traffic is routed through the remote server, you can compare your IP address using a service such as "whatismyip.com" or something similar. This will only work if the remote server has a different public IP than the local machine.
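The setup relies on both listeners (the proxy on port 9000 and the forwarded port 81) being bound to the localhost only. The following check is an added example, not part of the original post: the function name loopback_only and the sample listing are constructed for illustration, and it assumes Linux `ss -ltn` output.

```shell
#!/bin/sh
# Added example: report whether a TCP port is listening on loopback only.
# Reads `ss -ltn` output on stdin, where column 4 is Local Address:Port.
#
# loopback_only PORT
#   exit 0: every listener on PORT is bound to 127.0.0.0/8 or [::1]
#   exit 1: at least one listener on PORT is on a non-loopback address
#   exit 2: nothing is listening on PORT
loopback_only() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")      # port is the text after the last colon
            if (parts[n] != port) next
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            seen = 1
            # Anything other than IPv4/IPv6 loopback is reachable from other hosts
            if (host !~ /^127\./ && host != "[::1]") exposed = 1
        }
        END {
            if (!seen) exit 2
            exit (exposed ? 1 : 0)
        }
    '
}

# Constructed sample listing. In a real setup port 9000 appears in the remote
# server listing and port 81 in the client listing; they are combined here.
SAMPLE='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128        127.0.0.1:9000      0.0.0.0:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      128        127.0.0.1:81        0.0.0.0:*
LISTEN 0      128            [::1]:81           [::]:*'

for p in 9000 81 22; do
    rc=0
    printf '%s\n' "$SAMPLE" | loopback_only "$p" || rc=$?
    case $rc in
        0) echo "port $p: loopback only" ;;
        1) echo "port $p: reachable from other hosts" ;;
        *) echo "port $p: no listener" ;;
    esac
done
```

On live systems, run `ss -ltn | loopback_only 9000` on the remote server and `ss -ltn | loopback_only 81` on the client. The ssh client binds -L listeners to loopback unless -g or the GatewayPorts option is in effect.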

The above setup is especially useful when:

1. Accessing financial or private information while on the move and using public or untrusted internet connections.
2. Accessing blocked content from behind a corporate network... I do not recommend this ;)

In both the above cases, you might have limited access to the remote server because of port blocking etc. in effect, so it would be a good idea to ensure that the remote server is listening for SSH connections on a "safe" port (e.g. 443 or even 80) which will definitely be allowed through the firewall. (This is what I do too. However, I feel this technique will not work if all your web traffic is routed through a proxy server. Port selection is another discussion in itself.)


This technique can be used for many other things, like routing only specific ports through a remote server, e.g. Skype calls, Google Talk, etc.

This content is strictly for educational purposes. Please confirm with your system administrators/supervisors if the above techniques are compliant with local policies before using them in any network.