A quick tip for those that need to access less protected websites also know as websites without the possibility of secure http or commonly known https.

If you’re at a conference it’s really easy for somebody to eavesdrop on all the traffic going over the line. Especially as most conference nowadays have wireless networks for all participants which makes it even easier to do. The only thing you need is a laptop and a packet sniffer. This means that if you would access your blog without encrypting the connection anyone can ‘see’ what you are doing. Worse, enter your credentials and these will go over the network in the clear. In other words: anyone listening in can grab your credentials and has access to your blog.

By using an SSH tunnel we can make it a bit more safer although it would be better to use https, because you are only protecting the connection from your local machine to the SSH receiver which forwards the request and makes a NON-encrypted connection to the requested webpage using http.

In order to create a SSH tunnel you’ll need a server to which your local machine can connect and which will forward your requests and act as a proxy server.In this example I want to browse more safely using Firefox.

1. Open a Terminal
2. Type the following (N means we only want to tunnel and no shell, 1080 is the local port, username is your username on the server, server is the computer which will act as your proxy server):
   
   ssh -N -D 1080 username@server

3. Open Firefox and go to Preferences->Advanced
   
4. Select the Connection Settings
5. Change the settings to: Manual Proxy Configuration, select SOCKS v5 and enter the following settings:

   SOCKS host: localhost
   Port: 1080
   No proxy for: localhost, 127.0.0.1

   

6. Press Ok
7. Your ready to use your SSH tunnel to browse the web using Firefox.

If you would like to make the ssh tunnel to become a background process you can press CTRL-Z within the terminal and the process will be put into the background. You can retrieve it using the fg (foreground command).

If you want to make sure it works, you can quit the tunnel by pressing CTRL-C while the tunnel is in the foreground and try to browse. If you cannot connect, create the tunnel (steps 1, 2 and 3) and try again. Now it should work again. Off course you can also check which ip address is being used. This should be the same as the server to which you connect your tunnel aka the proxy server.

Thanks to Asheesh for help with this!