Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Secure public surfing with home proxy

Ross Henderson

Ross Henderson

macrumors member
Original poster
Apr 6, 2006
51
0
Hi everyone. I use may laptop (10.4.6) on public wireless networks and I'm interested in using an ssh tunnel to encrypt all my traffic. (not just HTTP), so not to let any information be seen by packet sniffers. It would be best if I could send every network request I make to my desktop (10.3.9) at home encrypted and use it as a proxy server. What services would I need to enable or install on my home machine to acheive this? It would be best if they were command line based as they would be easier to maintain when I'm away.

Any ideas?
 
Can I ask the first, obvious, maybe silly question? Do you have a static IP address at home?

I know that OS X Server (both Panther and Tiger, I believe) have software built-in to create a VPN. I'm not sure if it's possible without OS X Server out of the box, though. But you might be able to use something like this:

http://openvpn.net/

There are free solutions like this, too, that may or may not work using OS X on the server end:

http://www.summersault.com/communit...ting-a-vpn-for-free-with-mpd-and-freebsd.html
 
I do have static IP addresses, both LAN and external. I will be able to forward any nessesary ports to the desktop if needed as it behind a NAT router. I was looking into VPN but I was unaware there were open source alternatives as I was under the impression I needed to pay for hardware. I can presumably configure VPN using internet connect on my laptop once this software is installed on my desktop. Am I correct?
 
if all you're doing is browsing the internet, you can

0) edit your /etc/ssh/sshd_config file by changing the "X11Forwarding no" to "X11Forwarding yes"
1) ssh into your home computer with `ssh -X *ip address of home computer*`
2) start up firefox or mozilla from your home computer

for that to work, you need to install fink or darwinports and then the install the X11 version of the web browser
 
jhu said:
for that to work, you need to install fink or darwinports and then the install the X11 version of the web browser
Click to expand...

It's been a long time since I've tried this, but... this wouldn't exactly be "snappy," would it? It would definitely work, though.
 
jhu said:
if all you're doing is browsing the internet, you can

0) edit your /etc/ssh/sshd_config file by changing the "X11Forwarding no" to "X11Forwarding yes"
1) ssh into your home computer with `ssh -X *ip address of home computer*`
2) start up firefox or mozilla from your home computer

for that to work, you need to install fink or darwinports and then the install the X11 version of the web browser
Click to expand...

Thats a good idea but I would rather not have the overhead bandwidth involved with X11, especially with the bottleneck of my upload speed at home. I have freex86 installed on the desktop but couldn't get and browser to compile on darwin. Also it would be nice to enable this with a quick change of Location in the apple menu. I might try it though if other routes become to complicated.
 
mkrishnan said:
By the way, yes, if you created a VPN, then you would be acquiring a connection most likely through the internet connect wizard's VPN section.

One more option for you to try, getting back to your original idea:

http://homepage.mac.com/adg/SquidMan/index.html

Squid is an open source proxy server application package. :)
Click to expand...

Oh wow. That's other option. I'll try OpenVPN first as it sounds like the most secure. It seems to compile ok, just one dependancy issue, which was a quick download. I'll post again once I get it working incase anyone else needs the same thing as me.
 
If anybody wants to do what I did, heres some info. The dependancy I needed (on mac os x panther) was LZO and was found at http://www.oberhumer.com/opensource/lzo/.
I also found a graphical user interface for OpenVNC at http://www.tunnelblick.net if anybody wants any easier way. OpenVPN is installed in /usr/local/sbin, which by default is not in your path. So has to be run as /usr/local/bin/openvpn instead of openvpn as in many tutorials I found, and I found a tun/tap driver which I needed at http://www-user.rhrk.uni-kl.de/~nissler/tuntap/. I hope this helps someone.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back