Checking your Facebook page from Starbucks? Checked your banking information from the Hotel WiFi? Or are you going to Defcon this year?
Public internet is not secure and there is a need for secure browsing. There are many ways to achieve this and Obfuscate the traffic for eavesdroppers and protect ourselves against Man In The Middle (MITM) attack. After trying a few different solutions like torProject, Hotspot Shield and a few others like it I decided to set up my own SSH Server so that I can create a secure tunnel between my laptop and the SSH server and use that as an SOCKSv5 proxy. If you are still interested I will try to cover the following topics over the next few days:
- Install and configure an SSH Server (FreeBSD 9.0)
- Create users.
- Secure and harden the server.
- Configure SSH client (PuTTY) in Windows
- Create Public and Private keys for authentication
- Set up Password-less login.
- 1 vCPU
- 128MB vRAM
- 16GB HDD
- 1 Public IP
- FreeBSD 9.0 i386
- Create the Guest Machine
- Save and Power On. VM should boot from DVD press Enter to continue.
- Play this video for actual installation step
- Create a new user by typing “adduser” then Enter. P.S. add user to “wheel” group so that user can invoke “SU -“
- Login as the newly created user
- mkdir ~/.ssh
- chmod 700 .ssh
- su –
- Enter root password
- cp /etc/ssh/sshd_config ~/sshd_config.orig
- cd /home/n3onli8
- cp /etc/ssh/sshd_config /home/n3onli8/sshd_config
- vi sshd_config
- I configured it to look like:
# Change to NO to enable built-in password authentication.
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
- Quit and Write changes
- rm /etc/ssh/sshd_config
- mv /home/n3onli8/sshd_config /etc/ssh/sshd_config
- /etc/rc.d/sshd restart
- exit (exit su)
man ssh for better understanding of sshd_config
Part II will cover setting up putty in MS Windows
Thanks for reading. Comment below.