Comments on: Unprotected Wi-Fi: Encrypt your traffic with an SSH SOCKS Proxy to Browse Securely

By: serge

serge — Mon, 13 Apr 2009 13:29:51 +0000

Hello, i use Linux with openssh, and what i do is, in the terminal (or command prompt for windows users, i do not know if the syntax is different in windows) i type ssh -X xxx.xxx.x.xx, the “-X” part forwards the output of the X server (which is what runs the GUI in Linux, among other things) to ssh, and the x’s are of coarse my ip address, what this all means is that i can run Firefox on the remote machine as opposed to locally with a proxy, therefore all of the security stuff on that machine protects me, (the hardware and software firewalls, as well as the hosts.deny file and iptables) which means that i do not need to go through nearly as many steps to get to the same result: a secure connection in an unsecured hotspot. plus i use wakeonlan which i think is really cool. i am not a security expert however, so i might be wrong

By: Ewan

Ewan — Wed, 22 Oct 2008 13:26:03 +0000

As one further point of info, I went ahead and installed copSSH last night, and have been running it pretty hard this morning without having any issues. So this does appear to be a freeSSHd specific problem. I’m still open to trying and help those folks debug the issue if they want, but I seem to have a working solution for now.

By: Ewan

Ewan — Mon, 20 Oct 2008 14:26:35 +0000

You mention:

“Every so often you might receive an error from Putty about an abnormal packet received. It basically disconnects you. You probably are fine since your client applications are still configured to use the proxy, so if you try to browse you will get an error, you need to shutdown Putty, and then reconnect to your SSH server, then you can browse just fine again.”

I’m getting this error 100 every 15-20 minutes which is more than a little distracting. Is there some trick to tell Putty to ignore this? Or some known issue that causes these to be generated? This is great information if it weren’t that I get kicked off so often…

By: tmountjr

tmountjr — Tue, 29 Jan 2008 22:22:50 +0000

Just a note, putting in “127.0.0.1″ instead of “localhost” is the trick, as noted above. Running as an administrator didn’t make a difference in my case because UAC was turned off and *everything* is run as administrator. Unsecure, yes, but far less annoying.

By: Adam

Adam — Mon, 01 Oct 2007 08:28:11 +0000

I thought I’d just comment back that I managed to get the Putty tunnelling to work after installing ZoneAlarm.

God only know why that made a difference. Simply disabling the Windows firewall didn’t help and I had a hunch that it wasn’t truly disabled until an alternative was available.

So now your instructions work and I’m happy. I’ll give 127.0.0.1 comment ago and see if i can get cygwin+ssh going.

By: Kamil Choudhury

Kamil Choudhury — Sun, 30 Sep 2007 03:10:32 +0000

Yup… Anon is right: cygwin ssh will work, but you have to set internet options in IE or whatever browser you’re using to 127.0.0.1, not localhost.

By: Anon

Anon — Mon, 27 Aug 2007 06:38:39 +0000

I have been struggling with vista and its firewall to try to make this work. After a week I figured it out – you _have_ to use 127.0.0.1, “localhost” won’t work. Why? Who knows. MS probably decided this would help stupid users, or that the “localhost” concept was outdated, like the directory-up button.

I h8 vista. I [heart] putty, and now, I [heart] your website.

By: Jim

Jim — Wed, 22 Aug 2007 17:51:22 +0000

good, easiest to follow, ahahahhahah

By: Steve Novoselac

Steve Novoselac — Mon, 20 Aug 2007 18:37:08 +0000

Yeah just disable IPv6 , I doubt you are using it, and it won’t hurt anything. Might do the trick

By: Adam

Adam — Mon, 20 Aug 2007 14:25:31 +0000

I followed a link from gizmodo hoping that this would allow me to tunnel home from my work Vista box and it hasn’t :,-( I can’t seem to figure out what that matter is. Putty or cygwin, socks proxy or tunneling to a squid instance.

I’m wondering if the vista IPv6 stuff might be interferring since using netstat whilst following your instructions shows that IPv6 addresses get defined whilst Cygwin SSH doesn’t.