Tuesday, December 20, 2011

Private Web Browsing with SSH Tunneling and Putty By Corey on March 9th, 2010


Private Web Browsing with SSH Tunneling and Putty

Web browsing through SSH tunneling gives you the ability to browse the web privately by encrypting all web traffic out of your computer.  This gives you privacy to know that anyone eavesdropping on your connection using something like Wireshark. It also allows you to by-pass any internet content restrictions that may be in place where you are, such as a workplace or public connection.  I personally use this because I don’t like the idea of someone else listening in, and I don’t like being restricted.
What we will do is use a free program called Putty to connect to an SSH server that we have set up home. Then we will configure the machine that we are on to pass all web traffic through this encrypted connection and out through our home connection. Anyone listening in will only see one connection to your home IP, and the rest will be encrypted traffic.
Note: There is now an update to this post that also Passes all DNS Queries Through SOCKS in Firefox. Be sure to read that after you finish this tutorial for added privacy.

What You Will Need

  • An SSH server, or access to one.  (Note: Free shell providers don’t take kindly to people doing this through their servers, so check with them before you do this)  Setup of SSH server not covered here.
  • Putty client downloaded to the machine you will be working on.
  • Ability to connect outbound from your location.  Many work places limits or prevents outbound SSH connections.  You may need to run yours on a different port.

Step 1 – Configure Putty

After downloading Putty, launch it and in the left menu, go toConnection -> SSH -> Tunnels .  On the right side, enter any port above 1024 in the Source Port and select Dynamic from the radio buttons directly below it, then click Add.
It should now say D7070 in the box above.
Next, on the left side, go back to Session, and add a session profile for your home server by entering in the address underHost Nameensure that SSH is selected underneath.  Next, create a name for your profile, and enter it in Saved Sessionsbox and then click save.  Finally, click Open at the bottom and log into your SSH server.

Step 2 – Configure Web Browser

Firefox
If you’re using the Mozilla Firefox web browser, you can configure it by going to Tools -> Options menu and then clicking Advanced on top and then select the Network tab and then Settings under Connection section.
On the Connection Settings windows, enter in 127.0.0.1 in the SOCKS Host box, and your port you selected earlier, in this case 7070.  Ensure that SOCKSv5 is selected underneath.  That’s it, now press OK until you are back at your browser window.  You’re done.
Internet Explorer
If you are using Microsoft Internet Explorer then you can go to theTools -> Internet Options menu.  Click on the Connections tab and then LAN Settings down below. Now, on the Local Area Network (LAN) Settings page, but a check mark in the Use aproxy server for your LAN and in Bypass proxy server for local addresses and then click the Advanced button.
In the Proxy Settings page, enter 127.0.0.1 in the Socks box, and the port you selected in the box next to it, in our case 7070. Now, click OK until you are back at the web browser window.
Google Chrome
Unfortunately there is no native way of setting this up in Google Chrome.  However, someone has created an extension for it that you will have to add yourself called Proxy Switchy! which you will have to add yourself. I don’t currently have Google Chrome installed so I can’t provide step-by-step instructions.

Testing

The good thing about this setup is that you don’t have to configuration anything on the SSH Server side.  To test your tunnel, just go to http://www.whatismyip.com and it should display the IP address of your home server and not your current physical location.
That’s it, enjoy, and happy private browsing!

No comments: