Securely webbrowse via SSH tunnet article.

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

mmm

New Around Here
On this security article dated 3/28/2008, does this technique still apply today?
If I understand this correctly I can setup my linux based home router to run Openssh and connect to it remotely via putty and browse the web securely.
From within your homenetwork, would you just create another entry for putty pointing to your router's lan ip then have to configure port forwarding?

Just learning to configure ssh on my router so this topic is a little confusing for now.

Thanks.
 

thiggins

Mr. Easy
Staff member
To reach the SSH server on the LAN, you'd use its LAN IP.
To reach it from the WAN, you would need to forward the port you are using to the server's IP and reach it via the WAN IP.
 

mmm

New Around Here
Thanks Tim.

I went ahead and tried this setup from lan side and noticed that my wireless speed when tested from speedtest reduced from 15.x to 11.x(putty with Mozilla as instructed.) Is this normal? So I tried just using plain old IE without putty and speed went back to normal.
 

thiggins

Mr. Easy
Staff member
I would use a wired connection to evaluation speed. But there could be some throughput loss due to SSH.
 

mmm

New Around Here
Tim...I understand that my web browsing is secure once the tunneling is established to the ssh server which is my home router but what happens after it goes out to the web? Is it still secured from eavesdropping? Is it secured no matter where I connect to on my browser? Or do I have to sign up with an outside company/web site that provides that service and tunnel through them to be secure?

And also is this just for wireless browsing? Do I need this if I'm hardwired to the router?

Thanks for clarifying.
 

thiggins

Mr. Easy
Staff member
Communication is secure only to the SSH gateway. This is primarily useful when you are connecting via an untrusted connection, such as in a public wireless hotspot.
 

spooony

Occasional Visitor
Why not use Tor?
 

sfx2000

Part of the Furniture
I use this all the time - it's faster than OpenVPN, and I host the other end at the house - so with the tunnel, I own both ends...

I initially set up things years back, a couple of companies ago, as they were running a web-proxy thingy that would block legit content - so to get legit data sheets, etc... using an ssh tunnel worked through it.

ssh tunnels are not a replacement for VPN's, but it's another thing in the toolbelt...
 

sfx2000

Part of the Furniture
Why not use Tor?
Because Tor attracts attention... if one is using tor, everyone in the middle knows it's Tor...

ssh tunnels - not so much - and because not so many people use them compared to OpenVPN, all the better...
 

cooloutac

Senior Member
Because Tor attracts attention... if one is using tor, everyone in the middle knows it's Tor...

ssh tunnels - not so much - and because not so many people use them compared to OpenVPN, all the better...
when you say attracts attention what do you think the worst is that could happen? you get blocked? Wouldn't it still be safer to use openvpn or tor, or both? better yet. do all three! lol I awlays tell people worry about criminals more then the gov't. You are not doing anything illegal. Criminals are gonna get a hardon for your ssh traffic, you have make sure your apps are configured properly not just to not leak data with ssh, but hardened, where at least you can be disguised with a vpn for "everyone in the middle".

I'm paranoid about ssh into my raspy pi or router on my own home lan lol. let alone wan.
 
Last edited:

cooloutac

Senior Member
or I just had a thought i never did. how bout, you wrap your vpn + tor connection in ssh, using a proxy :) now that is hardcore. would be super super secure and disguise the vpn. depends on your speeds of course and what you want to connect to. would be fine for most webbrowsing. drop tor if anything. lol
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top