Nowadays, data breaches, hacking and snooping are happening frequently. Not a day goes by without news of a leak of a company’s database or of some government censoring or controlling more parts of the Internet. And there is always a Nigerian prince who wants you to help free up his million dollar fortune.
To protect your identity and other sensitive information from all this, you need to secure your browsing, especially when using public WiFi networks. The ideal solution is to use a VPN, which we have covered on several occasions.
But what if you’re behind the firewall of your office, library, or school? While a VPN will work (sometimes), the paid services and the free ones both have a dark side. SSH tunneling is one alternative that allows you to bypass restrictive firewalls without getting caught.
What is an SSH tunnel?
SSH tunnels are like VPNs. In a VPN, you connect to a VPN server, and all your traffic is encrypted and routed through that server. The premise is the same, but instead of a VPN server you have a PC or router at home that acts as the server and routes your traffic. It takes a few extra steps to set up.
For those readers who prefer technical details, the client-side computer will connect to the SSH server via port 22. Most firewalls allow communication over port 22, since this is the port used by HTTPS, and they cannot decrypt what is being transmitted over the HTTPS connection because it is encrypted. SSH also uses the same port, so most firewalls allow it. I say most because some really good ones can still catch it, so read the warning below.
A word of caution
Before you start poking around in your workplace’s network settings, review its policy on the matter. Depending on the company, you will at best get a warning and at worst get fired. Also, if you work somewhere that handles sensitive work, such as a government agency, bank or nuclear power plant, you should not do this, as it may compromise security and lead to some of the aforementioned hacks. If the IT admin decides to check, they will only see traffic over port 22 to and from your PC but won’t be able to tell what the traffic contains because of the encryption. So if you get caught and reprimanded for trying this, don’t point the finger at us. Furthermore, there is no guarantee that this method will get through all firewalls. Most firewalls allow this because they cannot distinguish between SSH and HTTPS packets. But a really sophisticated firewall will detect even this and block the connection.
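How a content-inspecting firewall tells the two protocols apart, as an added example (not code from the original article): SSH peers exchange a cleartext identification string (RFC 4253, section 4.2) before encryption starts, while TLS opens with a binary handshake record. The port policy in `EXPECTED` and the sample flows are assumptions constructed for the illustration.

```python
import re

# RFC 4253 4.2: "SSH-protoversion-softwareversion", sent in cleartext
# by both sides before key exchange.
SSH_IDENT = re.compile(rb"^SSH-(\d+\.\d+)-([\x21-\x7e]+)")

def classify_stream(first_bytes: bytes) -> str:
    """Label the first payload bytes of a TCP stream: 'ssh', 'tls' or 'unknown'."""
    # TLS record header: type 0x16 (handshake), version 0x03 0x00..0x04, 2-byte length.
    if (len(first_bytes) >= 5 and first_bytes[0] == 0x16
            and first_bytes[1] == 0x03 and first_bytes[2] <= 0x04):
        return "tls"
    # A server may send other text lines before its identification string,
    # so look at the first few lines rather than only the first.
    for line in first_bytes.split(b"\n")[:5]:
        if SSH_IDENT.match(line):
            return "ssh"
    return "unknown"

# Assumed policy: the protocol each destination port is expected to carry.
EXPECTED = {22: "ssh", 443: "tls"}

def audit(flows):
    """Return (id, dport, observed) for flows whose content contradicts the policy."""
    findings = []
    for flow in flows:
        label = classify_stream(flow["payload"])
        expected = EXPECTED.get(flow["dport"])
        mismatch = expected is not None and label != expected
        ssh_elsewhere = expected is None and label == "ssh"
        if mismatch or ssh_elsewhere:
            findings.append((flow["id"], flow["dport"], label))
    return findings

# Constructed sample flows (first client payload only), not captured traffic.
SAMPLE_FLOWS = [
    {"id": "a", "dport": 22,   "payload": b"SSH-2.0-PuTTY_Release_0.78\r\n"},
    {"id": "b", "dport": 443,  "payload": b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"},
    {"id": "c", "dport": 443,  "payload": b"SSH-2.0-PuTTY_Release_0.78\r\n"},
    {"id": "d", "dport": 22,   "payload": b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"},
    {"id": "e", "dport": 8080, "payload": b"SSH-2.0-PuTTY_Release_0.78\r\n"},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(finding)
```

Because the identification string is visible on the wire, the encryption hides what is sent through the tunnel but not the fact that the session is SSH.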
Server side: FreeSSHD
With a VPN you connect to a VPN server; in the same way, an SSH tunnel needs an SSH server. There are free SSH servers available, but since our main concern here is security, it would be unwise to trust an unknown entity with your data. So we’re going to set up a server on a home PC. Hosting an SSH server doesn’t require a lot of configuration, so any old or cheap PC should be good enough for the job. We will use FreeSSHD, a free-to-use app. Let’s set it up.
Step 1: Download and install FreeSSHD. At the end of the installation, select Yes for Private keys and No for Do you want to run FreeSSHd as a system service.
Step 2: Open FreeSSHD and open the settings window by double-clicking the taskbar icon. There should be a green tick indicating that the SSH server is running.
Step 3: Click the Users tab > Add to add a new user. In the newly opened window, enter a username of your choice. Under Password, select Password stored as SHA1 hash from the drop-down menu and enter a password of your liking. Tick the checkboxes for Shell and Tunneling.
Step 4: In the Encryption tab, select the AES (128, 192 and 256 bits) option, then click the SSH and Tunneling tabs and modify the options according to the images below.
Settings for SSH tab
Settings for the Tunnels tab
Client side: PuTTY
To connect to an SSH server, a client is required. So we will use the great and free PuTTY client. It’s simple and requires no installation, perfect for work PCs that don’t usually let you install programs.
Download and open PuTTY. In Host Name, enter the IP address or hostname of the PC on which the SSH server is running, select SSH under Protocol and click Open. A black window will appear asking you to enter your username. This means the connection to the SSH server was successful. Enter the username you set in Step 3, then the password (the password will not appear as you type it).
If you get a connection refused error or a connection timeout, follow the next steps to allow the port in the Windows firewall.
Open the Windows firewall (on the FreeSSHD server PC) and go to Advanced settings. In the Advanced Settings window, click Inbound Rules > New Rule. Now follow the steps below.
Select Port for the rule type.
Select TCP and enter 22 for port number.
Select Allow connection.
Tick all three options.
If you are still getting connection errors, try pinging your SSH server from CMD. If you get a request timed out message then most likely the firewall is tightly secured and unfortunately there is nothing you can do.
Did you succeed in breaking the barrier?
Are you enjoying YouTube videos from your office PC or still staring at Excel sheets? If you have any thoughts or doubts, visit our discussion forum.