Use Chrome securely from Starbucks via SSH SOCKS

[lotuseclat79]

Use Chrome securely from Starbucks via SSH SOCKS.

Quote:

Do you have a server that you can access with OpenSSH? Do you want to be able to browse the web, even non-SSL, unencrypted pages, without others on the network being able to see what you’re looking at or even hijacking your sessions? Given the existence of Firesheep, it is really easy for even unsophisticated users to hijack a web browsing session.

The method I’m presenting is easy and effective. OpenSSH makes this a snap. Your web browsing packets will be routed via an encrypted connection to your server.
...
Note that someone on the network where your server is hosted can still snoop your traffic, but not in the Starbucks where your are sitting.

-- Tom

[EncryptedBytes]

I would like to add if you do this method to use public/private keys not passwords and to make sure there is no DNS leakage. Firefox is able to work with SOCKS as well you will have to configure the DNS. Internet Explorer can also work though it does leak DNS.

[Victek123]

Quote:

Originally Posted by lotuseclat79

Use Chrome securely from Starbucks via SSH SOCKS.

Note that someone on the network where your server is hosted can still snoop your traffic, but not in the Starbucks where your are sitting.

-- Tom

Any idea what "server" is being referred to here?

[EncryptedBytes]

Quote:

Originally Posted by Victek123

Any idea what "server" is being referred to here?

The server would be the computer or device you are a establishing an SSH tunnel with.

[Hungry Man]

It's nice but if there's a site I don't want sniffed I already have it set to https - and I don't have a server I can just ssh into.

Thanks though - this would be surprisingly easy to do.

[Victek123]

Quote:

Originally Posted by EncryptedBytes

The server would be the computer or device you are a establishing an SSH tunnel with.

Since the article starts with:

Do you have a server that you can access with OpenSSH?

I guess it's fair to say it wasn't written for anyone who doesn't have a server and/or know what OpenSSH is, which is almost everyone that uses Starbucks wifi. The reference to Starbucks made think that maybe this was a general solution. Your glib response wasn't helpful.

[EncryptedBytes]

Quote:

Originally Posted by Victek123

Since the article starts with:

Do you have a server that you can access with OpenSSH?

I guess it's fair to say it wasn't written for anyone who doesn't have a server and/or know what OpenSSH is, which is almost everyone that uses Starbucks wifi. The reference to Starbucks made think that maybe this was a general solution. Your glib response wasn't helpful.

My response was plenty helpful. You can find the definition of a server here. A server doesn’t have to be a huge blade farm run by someone in another country. It is simply a computer or device on your network sharing resources. In this case if you have any ipod, gaming console, or old computer lying around you can use it to tunnel via SSH. All you are doing here is establishing a connection with that device on your home network from a remote location. When using SOCKS your browser data is piped to that device via SSH tunnel and the device forwards the information on your behalf (Proxy). I would be more than happy to explain anything in detail as I am unable to view the article so I can only surmise what helpful instruction it has for users.

In text picture terms here is what you are doing when you SSH:
(Your computer at a coffee shop ==>(encrypted ssh tunnel)==>(Your home LAN ipod touch,xbox,ps3,computer behind a router)<==>(unencrypted traffic internet)

[Victek123]

Quote:

Originally Posted by EncryptedBytes

My response was plenty helpful. You can find the definition of a server here. A server doesn’t have to be a huge blade farm run by someone in another country. It is simply a computer or device on your network sharing resources. In this case if you have any ipod, gaming console, or old computer lying around you can use it to tunnel via SSH. All you are doing here is establishing a connection with that device on your home network from a remote location. When using SOCKS your browser data is piped to that device via SSH tunnel and the device forwards the information on your behalf (Proxy). I would be more than happy to explain anything in detail as I am unable to view the article so I can only surmise what helpful instruction it has for users.

In text picture terms here is what you are doing when you SSH:
(Your computer at a coffee shop ==>(encrypted ssh tunnel)==>(Your home LAN ipod touch,xbox,ps3,computer behind a router)<==>(unencrypted traffic internet)

Thanks for the additional explanation. At first I thought you were pulling my chain, but I think you were just being literal so sorry about that. Regarding creating this encrypted tunnel, if I were to use my home computer as the server would there be an advantage to Open-SSH Vs OpenVPN? I'm new at this and don't appreciate the nuances yet.

[EncryptedBytes]

Quote:

Originally Posted by Victek123

Thanks for the additional explanation. At first I thought you were pulling my chain, but I think you were just being literal so sorry about that. Regarding creating this encrypted tunnel, if I were to use my home computer as the server would there be an advantage to Open-SSH Vs OpenVPN? I'm new at this and don't appreciate the nuances yet.

I deal with people who hate fluff on a daily basis so I try to be as succinct as possible. I jest that SSH is a poor man's VPN. The SSH protocol was developed as the answer to replace remote shell among several other old methods server admins used to configure their machines since the connections were not secure. The main difference without getting too deep, SSH is used to connect host to host, where VPN is used to connect network to network.

Now diving into the deep end, both operate at different levels of the OSI and TCP/IP stack. SSH would be running at the application layer, a VPN at the network layer. Though depending on the type of VPN used that may vary