16 March 2008 3 Comments

Secure browsing on an insecure network – the easy way!

In my post yesterday, I talked about how to securely browse the web on an insecure Internet connection. The method I used was to install a proxy server (squid) on a trusted machine and ssh tunnel to it. However, one of my developers, Andy, kindly pointed out to me that there is a much easier way – just use SSH’s dynamic port forwarding as a SOCKS proxy.

To create the tunnel:

ssh -D 3128 root@pablo.bunker.fubra.net

To configure OS X to use the proxy, go to System Preferences > Network > Advanced > Proxies

OS X SOCKS Proxy Settings

Tick SOCKS Proxy, and specify the server as 127.0.0.1 port 3128, then click OK and Apply on the following screen, and that’s all you need to do!

3 Responses to “Secure browsing on an insecure network – the easy way!”

  1. Janos 16 March 2008 at 1:51 pm #

    Also don’t forget the -C option to ssh (compression). If it’s not already enabled, normal web browsing with contemporary machines is where compression is basically free, considering the CPU-time, and also sometimes brings surprising results.

  2. Paul Maunders 17 March 2008 at 6:06 pm #

    Thanks Janos. I’ve just given the compression option a try on the relatively slow hotel wifi connection that I’m using here in Avoriaz, and it definitely seems to have speeded up general web browsing. Good tip!


Trackbacks/Pingbacks.

  1. Paul Maunders | Web log » Blog Archive » Secure browsing on an insecure network with my Macbook - 16. Mar, 2008

    [...] a secure tunnel/proxy that doesn’t require squid to be installed. I’ve blogged it here. The method described on this page may be useful if you wanted to log the pages you were visiting. [...]

Leave a Reply