SSH Tunneling the Pretty Way
This is just a quick post about a nice little tool I found that allows you to setup and save your SSH tunnels and then quickly bring them up when required. Why might you want to do this? Well theres plenty of reasons. They range from it feels geeky, to you're paranoid about those kids in the coffee shop with the "Hack Naked" stickers on there laptops, to just because you can.Now this guide does assume that you have a SSH server that you can get too and its running Privoxy on port 8118.
The tool is Gnome SSH Tunnel Manager (gSTM) and is available from http://gstm.sourceforge.net the repositories.
apt-get install gstm
Now, a quick reminder of the manual way:
ssh -NL 8118:localhost:8118 synjunkie@ssh_server_ipaddress
Then point your browsers proxy at localhost:8118
And now the pretty way.
Create The Tunnel
Open gSTM from Applications > Internet Menu, and enter your SSH server details. Click Add to configure the port redirection settings and click OK.
Save the settings by clicking OK.
Now you have a tunnel that is saved for you and can be started by Clicking on the Start Button.
Configure The Browser
Now you need to tell Firefox to use your tunnel. Open Firefox Preferences from the Edit menu in Firefox and amend the network proxy settings.
Now you can safely browse the web
You could make this even more seamless by adding a Firefox extension to allow you to have multiple proxy configurations set up and simply select which one you want using drop down list on the toolbar. Switch Proxy works well for this.
Check The Tunnel
You can test that your traffic is being tunneled by using Netstat, Etherape, TCPDump or a number of other tools. Bellow I have used Netstat.
I can see that I am making connections to local port 8118 and that the only external web traffic is going to my SSH server.
When I used Etherape to check my traffic I saw that DNS was not tunneled so one thing to bear in mind is that if your attacker is using subverting your DNS, The whole tunnel will not work. Which I guess is better than it working and your data being stolen!
