Category: Security

SSH Tunnel to watch Netflix

I often use a ‘hopping server’ when connecting to clients, that means i need to login twice each time. To make my life easier i sometimes use an SSH tunnel so i can connect to clients directly.

SSH Tunnel can also be usefull when your office blocks netflix 😉

Local Port Forwarding

This will allow you to access remote servers direcly from your local computer. Let’s assume you want to use RDP (3389) to a clients hosts (10.0.1.1) and your hopping server is ‘hopping.server’

ssh -L 6000:10.0.1.1:3389 wieger@hopping.server

Now you can open Remote Desktop and connect to ‘localhost:6000’, directing you through the tunnel!

Remote Port Forwarding

This will make your local service/port acccessible from a remote host. Sometimes i use this to keep a ‘backdoor’ and login remotely (home or whatever).

Let’s say you want to make a webapplication (TCP 443) availible at port 6000 on the remote SSH server

ssh -R 6000:localhost:443 wieger@bontekoe.technology

Now you should be able to connect to port 6000 on the remote host (bontekoe.technology)

Dynamic Forwarding (Proxy)

This is ideal for people who want to use the internet safely/anonymous or for offices where Netflix is blocked 😉

Use a remote server to tunnel all web traffic (eg. home server), connect through SSH to it using the -D flag

ssh -D 6000 wieger@bontekoe.technology

Now open up your browser settings, navigate to the connection properties and enter a Proxy server (manually using SOCKS). Use 127.0.0.1 as host and 6000 as port. The tunnel will remain open as long as you are connected through SSH.

Please follow and like us:
error

Encrypt email with PGP

One of the most popular methods to encrypt messages is PGP, which is a cryptography system quite widespread on the Internet. Using PGP we can encrypt a message end-to-end. There are many tools that can help, i use Gpg4Win (Free tool, works with Outlook).

Download Gpg4win here.

Once the download is finished, fire up the installer. It’s pretty much next-next finish. Optionally you can select “browser integration” during the installation process.

After the installation open it for the first time and click “New Key Pair”, it will request your name and e-mail address. Hit “Create” so start the generation process. Also, it will ask a password to secure the private key. Once done, it will tell you “Key pair successfuly created” – you are good to go.

To access your public key, right click anywhere on the bar where it lists your name and email address. Select the option in the drop-down menu that says Export. Save the file somewhere, you can share this with other people you want to safely communicate with.

Now it’s time to find your private key. You will need it to decrypt messages that you receive. Right click on the bar where your certificate is displayed, then select Export Secret Keys. Save this file in a safe location!

In order to communicate safely with somebody you will have to import their public key in to Kleopatra. To search for someone’s public key, click on the Lookup on Server and simply search for e-mailaddresses. Found the person you were looking for? Right click and hit “Import”. It will ask for confirmation, if correct hit Yes.

Here comes the magic. Open up Outlook and create a new email. In the top bar you will find a new header (“GpgOl”). Add the person you just imported in the “TO” field, add some content in the email and hit “Encrypt”. If required, select the certicate that matches the recipient and hit “OK”. Now you will see the message completely crypted.

For receiving a crypted email it’s very simple, go to the top bar (GpgOL) and hit Decrypt. Remember, you must have this persons public key imported.

Please follow and like us:
error