Setting Up Your Own SSH Tunnel – The Basics
Hey there readers, so this is my first actual “Security” post in a while and I hope you guys enjoy it. Today I will be teaching you how to set up your own SSH tunnel. For those of you who don’t know what SSH is, it’s a network protocol that allows data to be exchanged over a secure channel between two networked devices. Basically, it’s a way for you to secure your own data! It’s something that you really should be using if you use public wireless at all. Setting up your own SSH server at home is pretty easy if you already have a server lying around. In this guide I’m going to be using my Ubuntu 12.04 server, but it should work equally well on any Linux distribution.
Setting Up Your Own SSH Tunnel
Step 1. Telnet or log into your server!
Step 2. Run the following command to install OpenSSH: “sudo apt-get install openssh-server”
Step 3. Run the following command to generate your private and public keys: “ssh-keygen -t dsa” (You don’t need to set a password when generating a key; setting one simply adds even more security. If you’re wondering how this works, here is a link to the Wikipedia article on Public Key cryptography!)
Step 4. Configure your client for SSH. To do this you’re going to need to generate your SSH keys; on Mac OS X, simply type “sudo ssh-keygen -t dsa” (You don’t need to set a password when generating a key; setting one simply adds even more security. If you’re wondering how this works, here is a link to the Wikipedia article on Public Key cryptography!)
Step 5. Now you’re going to need to copy your client’s public key to your server! To do this, simply copy your public key to your desktop and open it with a text editor, or alternatively just open it in place with a text editor! (The default location for your id_dsa.pub is /Users/yourname/.ssh/id_dsa.pub)
Step 6. Now back on your server type the command “touch /youruser/.ssh/authorized_keys” (This will make the file if it currently doesn’t exist, and if it does it won’t change anything)
Step 7. Now paste the contents of your client’s id_dsa.pub into the authorized_keys file by opening it with your favorite text editor. The command to do it with nano would be “sudo nano /youruser/.ssh/authorized_keys”
Step 8. Now restart your server’s OpenSSH by using the command “sudo /etc/init.d/ssh reload”
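Steps 5 to 7 as a script, added here as an example (it is not part of the original post): it appends the client's public key to authorized_keys only once and sets the directory and file modes that sshd's default StrictModes check accepts. The function name install_pubkey and the sample key are made up for illustration.

```shell
#!/bin/sh
# Added example: steps 5-7 as one repeatable function.
# install_pubkey is a made-up name, not an OpenSSH tool.
# Usage: install_pubkey <client .pub file> [ssh dir, default ~/.ssh]
install_pubkey() {
    pubkey_file=$1
    ssh_dir=${2:-"$HOME/.ssh"}
    auth_file="$ssh_dir/authorized_keys"

    [ -r "$pubkey_file" ] || { echo "cannot read $pubkey_file" >&2; return 1; }

    # A .pub file is exactly one line: "<type> <base64> [comment]".
    # Anything else (for example a private key picked by mistake) is refused.
    [ "$(grep -c '' "$pubkey_file")" -eq 1 ] || {
        echo "$pubkey_file is not a one-line public key" >&2; return 1; }
    key_line=$(cat "$pubkey_file")
    case $key_line in
        ssh-dss\ *|ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "$pubkey_file does not start with a known key type" >&2
           return 1 ;;
    esac

    # With the default "StrictModes yes", sshd refuses key logins when
    # authorized_keys or ~/.ssh is writable by group or others, so pin both.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1

    # Append only if this exact line is not there yet (safe to re-run).
    if grep -qxF -- "$key_line" "$auth_file"; then
        echo "key already present in $auth_file"
    else
        printf '%s\n' "$key_line" >> "$auth_file"
        echo "key added to $auth_file"
    fi
}

# Demo in a throwaway directory with a constructed (not real) public key.
demo_dir=$(mktemp -d)
printf '%s\n' 'ssh-dss AAAAB3NzaC1kc3MAAACBAEXAMPLEONLY yourname@laptop' \
    > "$demo_dir/id_dsa.pub"
install_pubkey "$demo_dir/id_dsa.pub" "$demo_dir/.ssh"
install_pubkey "$demo_dir/id_dsa.pub" "$demo_dir/.ssh"   # second run adds nothing
rm -rf "$demo_dir"
```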
Your server now has SSH running on it! (Keep reading if you want to learn how to tunnel/encrypt your web traffic!)
Step 1. Open up a terminal and type “ssh -C -D 1080 yourserversusername@yourserversipordns” (You’re going to be asked for the password for the username, so type it in!)
Step 2. The terminal should just hang now. If it’s sitting there not doing anything, you’re doing it right!
Step 3. Now simply open up your web browser and go to network settings, then proxy, go to the SOCKS option and type localhost and port 1080! You should be running through an encrypted tunnel now! (If you don’t have the server running and the proxy is still on, your internet won’t work, so remember to turn it on and off, or better yet script your browser to run it automatically at startup!)
So that’s the basics on how to set up your own SSH server and tunnel. If you have any questions regarding security or anything else, feel free to leave me a comment or e-mail me at firstname.lastname@example.org!