Secure browsing on an insecure network - the easy way!
March 16th, 2008 by Paul Maunders
In my post yesterday, I talked about how to securely browse the web on an insecure Internet connection. The method I used was to install a proxy server (squid) on a trusted machine and ssh tunnel to it. However, one of my developers, Andy, kindly pointed out to me that there is a much easier way - just use SSH’s dynamic port forwarding as a SOCKS proxy.
To create the tunnel:
ssh -D 3128 root@pablo.bunker.fubra.net
To configure OS X to use the proxy, go to System Preferences > Network > Advanced > Proxies
Tick SOCKS Proxy, and specify the server as 127.0.0.1 port 3128, then click OK and Apply on the following screen, and that’s all you need to do!
March 16th, 2008 at 8:17 am
[...] a secure tunnel/proxy that doesn’t require squid to be installed. I’ve blogged it here. The method described on this page may be useful if you wanted to log the pages you were visiting. [...]
March 16th, 2008 at 1:51 pm
Also don’t forget the -C option to ssh (compression). If it’s not already enabled, normal web browsing with contemporary machines is where compression is basically free, considering the CPU-time, and also sometimes brings surprising results.
March 17th, 2008 at 6:06 pm
Thanks Janos. I’ve just given the compression option a try on the relatively slow hotel wifi connection that I’m using here in Avoriaz, and it definitely seems to have speeded up general web browsing. Good tip!