Stupid SSH Tunnels
Posted by tim in I hate technology. on October 19, 2004

They don't work right and they aren't documented very well.


Give my article a look on NO.

  • Posted by mirrorshades (Guest) on October 20, 2004 at 07:25:38AM

I did, but I'm still confused.

I mean, it's possible to do an HTTP tunnel, no?

  • Posted by tim (Guest) on October 20, 2004 at 02:11:22PM

I sent you a memo on NO.

  • Posted by mirrorshades (Guest) on October 21, 2004 at 10:18:35AM

I got it. Here's what I'm trying to do...

According to the amount of knowledge I have of SSH tunnels, it is possible to use them to redirect all your HTTP browsing traffic. I just wanted to do it for the sake of saying I've done it, so there's no URGENT need for it, but I am quite frustrated as to why when I do it, all I get is the site(s) that are hosted on the server I'm connecting to.

  • Posted by tim (Guest) on October 21, 2004 at 02:01:11PM

Well, keep in mind these two things:

  1. You need a separate tunnel for each different host and port you want to connect to.

  2. Traffic between your computer and the SSH server is encrypted, while traffic between the SSH server and any other host is not (necessarily, unless you dig more tunnels...).

Those two things being the case, you would need to set up a tunnel from your computer to each and every website you wanted to visit (like SSL, for example). OR, you could build one tunnel to a proxy, and have that proxy serve all the pages you want to see (naturally, the traffic between the website and your proxy remains unencrypted).

I understand what you are trying to do, but 1 SSH tunnel gives you an encrypted link between your computer and exactly one other node on a network (one-to-one), which doesn't quite fit in with the idea of web browsing (one-to-many).

  • Posted by mirrorshades (Guest) on October 21, 2004 at 02:54:27PM

Well, that's kinda what I was trying to do. I considered the idea of a proxy service on the remote SSH server, but I really didn't go into depth with it.

But yes, I do understand that after the host, it would no longer be encrypted.

  • Posted by tim (Guest) on October 21, 2004 at 08:40:48PM
Add a comment