The problem: Can I trust WiFi?
Ssh from the laptop (laptop) to the trusted workstation (proxy). Use ssh port forwarding to forward local port 13128 to port 3128 on proxy. Set up Squid on port 3128 (which happens to be the default) on the proxy machine.
Assume: proxy is a fedora/redhat machine. Any other unix flavor should work, but I use yum and /sbin/service. Your mileage might vary. Assume: your browser (and other internet applications) allows the use of proxies. Assume: you have ssh on your laptop. (Putty or cygwin/openssh will work for win32. I assume openssh.)
Before you get started, go to proxy, your proxy server, and install squid if it is not installed:
proxy$ sudo yum install squid
Set up your squid server. In /etc/squid/squid.conf, add this line AFTER "acl all src 0.0.0.0/0.0.0.0":
http_access allow all
This should be secure enough if you have your firewall set up. No need to punch holes in the firewall, as long as the ssh port is open.
When you are on the road, on the client:
laptop$ PROXY=nnn.nnn.nnn.nnn laptop$ ssh -L 13128:$PROXY:3128 $PROXY
Note: $PROXY must be the IP address of your proxy server.
you use putty/windows instead of openssh, you can do the same with a
gui. Here's what is should look like.
proxy$ sudo /sbin/service squid start
In your proxy settings on your browser, use localhost/13128 as your
Here's what it should look like in firefox/windows.
Everything should work now. When you are done:
proxy$ sudo /sbin/service squid stop proxy$ logout laptop$
Don't forget to fix your browser settings when you are done.
(C) 2005 Hal W. Canary
hal at ups dot physics dot wisc dot edu
This document available under the Creative Commons Attribution-ShareAlike License.
file modification time: 2005-04-20 02:50:08
Copyright 1997-2013 by Hal Canary.
mailto: halcanary at gmail dot com