02
Mar

Ok. So if you’re looking at this page it means that you want a secure and easy way to log into your home network from a remote location. There are many applications to doing this and some common ones include: web proxy, file sharing, remote desktop, gaming.

I use my tunnel for a variety of reason, most of them I just listed. There are some situations where I want to access a website which is blocked by a local proxy server, so to get around it I log into my SSH server and socket my web data through it. This basically make it like I’m surfing at home (unrestricted). There’s also been instances where the internet I’m on has packet filtering which is bad for p2p or gaming. If I socket my torrent program or game through my SSH tunnel I can avoid the latency caused by packet filtering.

The SSH tunnel also adds a layer of security using RSA encryption by default, so anyone trying to monitor what you’re doing on it is almost impossible.

So how do you go about setting one up? Well this is designed for Windows XP or Vista users, and after some incredible amount of time I was able to compile an installer for the CYGWIN compiled version of OpenSSH. Now you technically don’t need my installer to use OpenSSH, but there’s a pain staking process to installing it using CYGWIN’s setup. For those of you looking for a learning experience, please feel free to manually install OpenSSH using this tutorial by Nicholas Fong. But for those of you who want to get right to the good part, continue reading.

What you need:

I was only able to test this installer on Windows Vista x86 and x64 as that’s only what I have. The installer uses WinRAR to unpack the files and VBScript to configure everything. The place where XP users may come into problems with is the VBScript, so report any bugs.

After you download and install the OpenSSH Server you will only need to run “start.vbs” to start the server, or “stop.vbs” to stop the server. If you want to make it start when ever Windows starts up, make a shortcut to the “start service.vbs”, and copy the shortcut to the “Startup” folder located in the Programs menu. For Vista users that’s located: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup. For XP users that’s located: C:\Documents and Settings\All Users\Start Menu\Programs\Startup

I tried making a VBScript to install it as an actual service, but for some reason it wasn’t allowing it to start (in Vista anyway). If I ever figure it out, I’ll make a new installer.

And that’s it!

The OpenSSH Server is configured for with basically everything set as default. If you want to change the port the server operates on or anything like that, edit “sshd_config” in the “etc” folder in Wordpad (Notepad doesn’t format it properly). Be sure to stop the server before your changes and start it again afterwards.

Authentication:

OpenSSH uses your Windows username and passwords as a means to login to your SSH server by default, and it also doesn’t accept any accounts with empty passwords. So you’ll need to create a Windows account with a password and regenerate the user/group lists using the “update.vbs”. Note: Do not delete the sshd account, it’s required for privilege seperation and the server won’t run with out it. Please also be aware that you’re creating a “hole” for potential hackers to get into, that being said make sure you make complicated passwords for your accounts so no one can guess or brute force them.

Using your SSH Tunnel:

There are lots of free programs out there for accessing SSH servers (like Putty). Personally I use the OpenSSH client and a Socks client (FreeCap) together. Using the command line OpenSSH program I can connect to my SSH server and create a local Socks Proxy. A Socks Proxy basically takes information from a program and sends it to your SSH server instead of directly to it’s location. Here’s a diagram:

Request for http://google.ca –> Firefox –> [Socks Proxy] –> [SSH Client] –(over the internet)–> [SSH Server] –> [Google Server]

World of Warcraft –> [Socks Proxy] –> [SSH Client] –(over the internet)–> [SSH Server] –> [World of Warcraft Server]

And in between the SSH Client and SSH there may (and should be) Firewalls, Proxies, etc. If you’d like to use my method, you can download the OpenSSH Client and edit the “Launch SSH.bat” by replacing the brackets with the required information. You’ll also need to point FreeCap to localhost on port 8080 using SOCKS Version 4 for now.