There are times when you want to connect to the Internet through unknown and/or insecure networks such as a wifihotspot. If you aren’t careful, you might make it all too easy for someone to sniff your connection.There are times when you want to connect to the Internet using your remote machine's (US) IP address. Because you want to use a service that is only available from a specifically located (US) IP address , but it is not available from an open proxy.
I use Debian 5 my remote machine and Windows XP on my local machine.
Follow these steps:
Remote machine config
/ Optional step - Skip this step if you already have an user in your remote machine for this connection. I suggest keep an user separated for webbrowsing task/
Create a new user in your remote Linux machine and add login access to this new user, /bin/false doesn't work in this case.
and follow the steps, or
useradd -g "maingroup" -s /bin/bash -p "password" -d /home/"userhomedir"
Further information about user and group administration in Linux.
Create a new directory to the user and chmod it to 700
chmod 700 /home/user/.ssh
Generate a new RSA key pair with passphrase to the user with puttygen on your local machine.
Copy the public key to /home/user/.ssh/authorized_keys and chmod it to 600 (chmod 600 is optional, chmod 644 is also ok, because this is a public key file).
chmod 600 /home/user/.ssh/authorized_keys
Add login access to the SSH server, edit the sshd_config file:
and add your new user to the AllowUsers directive, or the new user's group to the AllowGroups directive. I usually use the AllowGroups directive.
Reload your ssh config:
Okay, you have an separated user for webbrowsing task on your remote machine, go and config PuTTY and Firefox on your local machine now.
Create a new PuTTY session on your local machine
Configure a secure tunnel
Click on “Tunnels” on the left and set up dynamic fowarding for a local port (e.g. 3030). Under “Add new forwarded port” type in 3030 for the source port, leave the destination blank, and check Auto and Dynamic. Then click the Add button. If you did it correctly, you’ll see D3030 listed in the Forwarded Ports box:
Remember to save your session profile in PuTTY so you don’t have to set up the tunnel next time.
Connect to the remote host
Click Open in the session window (or double click on the session name). Type your passphrase when promted.
Clear your private data
/ Optional step /
If you open this connection because you want to browse the net from a remote (US) IP, you should clear your private data.
Go to Firefox Tools>Options>Privacy>Clear Now... and clear your private data.
Or better if you download, install and run CCleaner (a freeware system optimization, privacy and cleaning tool for Windows).
Configure Firefox (Firefox3)
Go to Tools>Options>Advanced>Network and in the Connection box click on Settings…
Check Manual Proxy Configuration, leave most of the fields blank, but fill in 127.0.0.1 for the SOCKS v5 host with a port of 3030 (or whatever you used in Step "Configure secure tunnel")
Connect to the remote host
Load the session and click Open in the session window (or double click on the session name). Type your passphrase when promted.
Start the browsing
Now start the browsing with Firefox, if there is everyting is ok, you are browsing the Web through your remote machine now.
Go to http://www.ip-adress.com/ and check your IP.
Stop the browsing
If you stop the browsing through your remote machine, go to Firefox Tools>Options>Advanced>Network and in the Connection box click on Settings…Check No proxy and click OK. Then close your SSH connection with an exit command in the PuTTY's terminal window. And clear your private data again (optional).