Recently I learned how to tunnel http traffic (e.g. web surfing) over an ssh connection. The effect of this is that you can browse the web on one computer A, say, but for the web servers you are visiting it will look like your requests originate from a different host B. You need to be able to log into host B via ssh for this to work.
There are several situations where such tunneling is useful:
- If your own computer A is on a network which filters, changes, blocks or monitors your http traffic, you can use an ssh tunnel to work around the resulting restrictions.
- If you are on an unencrypted wireless network, you can use tunnelling to prevent your neighbours from being able to read all of your web traffic.
- If you work from home, you can use tunnelling to access online journals (which usually work only from university addresses), university internal web pages, etc. as if you were directly sitting at your work machine B.
Setting up a tunnel is done in two steps:
- Create a tunnel using the following command:
ssh -D 8080 -f -q -N login@host
You will need to replace login and host with your login details. The machine you type this command on is machine A in the description above, and host is machine B. This command will start an ssh process which will run in the background and will act as a tunnel to forward the web traffic.
- Set up your web browser to use a SOCKS web proxy on host
localhost
and port8080
. Both SOCKS4 and SOCKS5 should work. This will tell the web browser to connect to the local end of the ssh tunnel.