We need to make secure connection when browsing the Internet while at home, in the office or in the public area hotspot. By establishing a secure connection we have mitigate the risk of data stealing or packet sniffing or session hijacking. There are many ways we can do to make secure connection by using Proxy, VPN, or SSH tunnelling.
On this post I will show you how we can use SSH tunnelling to secure our connection while connected to the Internet. SSH tunnelling will encrypt data transmission between our computer and SSH server.
To secure your internet connection on windows 7 you will need:
1. SSH account access
You can get SSH account if you have hosting account. I tried with Namecheap, you need to email them/chat with their support to get activated. When they had finished verify your ID they give the access almost instantly, very fast.
2. PuTTy (Program to open SSH connection in GUI)
You can download PuTTy from here http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
3. Internet connection that allow you to connect to your SSH server.
Usually every normal internet can access Shell server.
Why you want to do this?
If you are in the internet café or in the public area hotspot you will want to use this SSH tunnel or VPN to protect transmission between your computer and the server.
You want access some websites that blocked by the system, sometimes they miss categorized website so that legit website sometime got blocked.
Setting up a shell account
I have a Namecheap and a Hostgator shared hosting account. But you will only use Namecheap because Hostgator not allow SSH tunnelling in shared hosting account.
You have to ask to their support for SSH account activation. After they activate the account we can use it from PuTTy.
Hostgator SSH account are default active with port 2222 for shared hosting plan and port 22 if you with dedicated hosting plan. However with Hostgator shared plan you cannot use SSH tunnelling, you can use SSH tunnelling with dedicated server plan. http://support.hostgator.com/articles/hosting-guide/hardware-software/compatible-technologies .So if you are still on shared plan forget about SSH tunnelling via Hostgator.
Setting up PuTTy:
Hostname could be an IP address or your domain name, port also predefined by your provider. Check with them because this will be different with each provider. Namecheap give port 21098 for my account.
Put your username (usually same with your CPANEL account) into Auto-login username
Let others leave as default.
On Connection>SSH>Tunnels on source port put 1080 and destination choose Dynamic and Auto
Setting on internet browser (Firefox)
In the sample above I use Firefox (will be the same for internet explorer and Chrome). On the connection setting choose manual proxy configuration, on the SOCKS Host: type localhost and port 1080 and choose SOCKS v5
After finish with configuration now it’s time for testing. Click Open button on PuTTy.
If you see alert from PuTTy as above regarding security key, just click Yes.
Enter your password, it will be the same with your CPANEL password
When you see screen like above picture, you are already establish a Shell connection and ready to browse the internet with new identity (IP address) and your data transmission between computer and Namecheap server are encrypted, let the window open or minimize it. If you are with shared hosting Hostgator although you already on this stage, you will not able to use as SSH tunnelling, because they don’t allow it.
To verify connection I use ipaddresslocation.org to verify connection like below picture.
ipaddresslocation.org cannot detect proxy on our connection and that is good.
Not all hosting provider give their shell account for SSH tunnelling
By having shell account not automatically you can use SSH tunnelling, check with your provider.
Using SSL will not speedup your internet connection but it will make secure connection, secure is more important than speed.
Terms to be used in this article:
Shell account: is a user account on remote server (UNIX/LINUX) you can use to issue shell command using telnet or SSH protocol.
SSH: or Secure shell is communication between 2 computers (client and server) using internet (public network) in secure manner. The transmission is encrypted so no one can tap the data in between.
PuTTy: Free open source small program that can be used to connect to serial port to transfer file, to remote access server, or as terminal emulator program. Support protocols: Telnet, SSH, SCP, Rlogin. PuTTY created by Simon Tatham.
Proxy: or proxy server is a computer that act as a gateway for clients. Proxy can increase both security and performance for clients.
Great tutorial about Proxy using SSH tunnel is here http://www.systutorials.com/944/proxy-using-ssh-tunnel/