Can I encrypt web traffic with a local ssh server?
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Can I encrypt web traffic with a local ssh server?
hi
I want to encrypt my web traffic with ssh, but I don't have access to a remote ssh sever.
I do have a local ssh server running on my machine and I want to know if I can use my local ssh sever to encrypt my web traffic. I know it sounds odd, but I want to know if it's effective or not.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Erm, encrypt it between where and where? From whom are you trying to hide things?
The answer to your question is "no" since SSH encrypts traffic between a client and a server once the traffic leaves your network it is no longer encrypted.
Erm, encrypt it between where and where? From whom are you trying to hide things?
No, I'm not hiding things. I just want to protect my privacy when surfing on a public wifi network. Encryption is a good thing to use because public wifi's aren't secure i.e possible man-in-the-middle sniffing insecure wifi traffic.
Anyway, after reading online about ssh forwarding, the best approach is to use a remote ssh server or a VPS. I do understand my encryption is encrypted from my client machine to the ssh server/VPS and that's fine for me as this would protect me from the man-in-the-middle attacks on a public wifi.
I've learned that ssh works by making an encrypted tunnel from the client machine to the remote server and then it unencrypts from remote server to the internet.
So the local ssh server method which I was going to use wouldn't be effective because it will come out of my client machine unencrypted.
I decided to use digital ocean as my VPS for $5 bucks a month and it's worth it to have when using a public wifi.
PS: I was looking at VPN services as well. But many don't support linux unless you have to do some work-a-rounds. The client apps are mostly for windows, IOS and android.
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,233
Rep:
there is logmein hamachi that has a linux client, and you can create a free VPN for up to 5 nodes
mind you the linux client is command line only, but it's pretty straight forward and is pretty robust, i've only run into a couple of circumstances where hamachi didn't work, and it was in a circumstance where using hamachi might have been a violation of the TOU (terms of use) anyhow, such as at my school.
https://secure.logmein.com/labs/ the linux client is found here, and you will need to create a logmein account (free), and then create a network (free)
note, the 'client' gets run at both ends, and it creates an extra network interface with it's own set of IP addresses.
I appreciate the link for the linux program. Thanks
Logmein Hamachi looks interesting and an easy way to access other computers running hamachi securely over the internet.
However, to do web surfing securely on a public wifi, I need more than hamachi. I need to install a proxy server like squid or privoxy to use in conjunction with hamachi. I found an article on how to do this. It looks easy and doable.
Since hamachi has an arm version of hamachi as well, this would be a good project for an arm based computer like a raspberry PI to make a secure VPN with hamachi and privoxy or other proxy software.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.