Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Setting Up an SSH tunnel to my Linux Server ??

fab5freddy

fab5freddy

macrumors 65816
Original poster
Jan 21, 2007
1,206
7
Heaven or Hell
Does anyone know how to set up an SSH tunnel from a public wifi hotspot
to my Shared Linux Hosting ?

Is this possible at all, to create a secure connection from Public WiFi
to your Linux Shared Hosting ??

thanks!
 
Best Way to Secure your Mac on Public WiFi ??

When you're on the Road, it is impossible not to use
Public WiFi spots at Starbucks etc......

What is the best solution to Encrypt and Secure your sensitive data
while surfing at these public hotspots ??

thanks!!
 
I have setup a SSH tunnel for doing VNC using the following command at the Terminal,
Code: 
ssh remoteUser@ip-address -L 5900:127.0.0.1:5900
You could probably tweak it for this.
 
I'm not a VPN expert, so I won't consider them with what I am saying below.

There is no way to secure the data.

SSL/TLS will work, so long as nobody is running Ettercap on the network.
 
here would be my suggestions, 1) PGP on the mac; 2) enable mac firewall; 3) vpn back to your main home/office firewall; 4) at your home/office firewall, disable 'split-tunnel' so that packets need to go thru the vpn encrypted tunnel for the duration you're connected. then all outbound traffic will be encrypted.
 
acurafan said:
here would be my suggestions, 1) PGP on the mac; 2) enable mac firewall; 3) vpn back to your main home/office firewall; 4) at your home/office firewall, disable 'split-tunnel' so that packets need to go thru the vpn encrypted tunnel for the duration you're connected. then all outbound traffic will be encrypted.
Click to expand...

If you have enough time, I'd really love to know the specifics on how to do this. For example, how do you set up a vpn back to the main home firewall and how do you disable split tunnel? Also, are there any setting you need on your home routers? I use the new Airport Extreme.

Thanks in advance.
 
Eric S. said:
Yes but you need both sides of the connection to be running VPN software. You can't do it just from your Mac.
Click to expand...

Right. In the easiest scenario, one has some affiliation that provides a credible VPN (e.g., if one is a university student, one's university should have a free VPN to which one's computer can easily connect...) That service is there primarily to facilitate using one's business or campus resources like information services restricted to students and staff, but they are typically generous and one is free to use it for anything that is "legal" on the campus network.

If one doesn't have a VPN of one's own, this gets messier. Setting up a tunnel back home requires leaving a computer on at home that can make up the other end of the tunnel, for instance.

I think there are services that offer one a paid access to a VPN that exists purely for this sort of purpose, but I too have honestly never used them.
 
If the TS could specify/clarify what he meant, it would help.

Does he want to secure his Mac or does he want to secure his network traffic? Related but not necessarily the same thing.

What does he mean by sensitive data? Company secrets? Patient data? Or something more mundane like credit card numbers?
 
angelwatt said:
Fugu uses SSH so it actually is relevant depending on what specifically the OP needs the tunnel for.
Click to expand...

Fugu is primarily an FTP/SFTP client. SFTP is quite different from TCP over SSH tunnelling, which is what the OP is trying to do.

It does have an SSH tunnel feature built in (which I didn't initially realize), but given that it's a single (simple) command, downloading a whole new client just to do something that takes *literally* 5 seconds from the command line seems like massive overkill.
 
ppc750fx said:
Fugu is primarily an FTP/SFTP client. SFTP is quite different from TCP over SSH tunnelling, which is what the OP is trying to do.

It does have an SSH tunnel feature built in (which I didn't initially realize), but given that it's a single (simple) command, downloading a whole new client just to do something that takes *literally* 5 seconds from the command line seems like massive overkill.
Click to expand...

But there are plenty of people who are uncomfortable with the command line. And it may only take you 5 seconds to do it. That only works when you know exactly what you're doing. Most people would have to look up the information, which would drastically increase that 5 seconds. If something can be done with a GUI, then why not. The goodness of a solution depends on the person it will help, not just anyone.
 
angelwatt said:
But there are plenty of people who are uncomfortable with the command line. And it may only take you 5 seconds to do it. That only works when you know exactly what you're doing. Most people would have to look up the information, which would drastically increase that 5 seconds. If something can be done with a GUI, then why not. The goodness of a solution depends on the person it will help, not just anyone.
Click to expand...

It just doesn't make sense to me... I mean, if you're tunnelling then you know the username, password, ports, etc (since you'd have to fill them in to Fugu) -- so how is it easier to start up a separate application and type that information into several text fields than it is to simply type out the command?

Even better, why not drop the command into a .command file and never worry about typing anything again? You can leave the .command file on your desktop, double click it when you need the tunnel, and that's that.

Maybe I'm missing something, but I fail to see how having to start a separate program, wait for it to launch, click a button, and fill out several fields is easier than double clicking an icon and typing in your password...
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back