Hey all,

I'm considering getting a Linode.com account. I'm no linux guru (yet), but I like learning things by doing it. And Linode.com looks like a perfect place to learn since you can't really screw up things (and even if you do it's fairly easy to fix it again).

Anyway, I do have one final question before I sign up. Since I travel a lot I would like to know if it would be possible to install some kind of web based http/https proxy. I'll explain a bit more into detail what I mean with this. Since I travel a lot I often have to use public computers (Internet cafes) to get on the Internet. Call me paranoia but I never really trust those kind of computers/connections enough to transmit my personal details on/with them. That why I'm wondering if it would be possible to install software on your Linode that allows you to just open up a browser surf to your Linode (through https) and enter the URL you want to surf to (bank, visa details,...). So instead of surfing directly to a website you surf to Linode which forwards you to the requested website...

I know this can probably done through ssh, but I'm looking for a solution which doesn't require me to install any extra software (something I most of the times isn't possible anyway on those kind of computers).

Hope you guys understand what I'm trying to do... Also if somebody has a better way of doing it let me know!


Steven

If you don't trust them (and you're right not to), then you can't use them for anything you're not willing to expose. There is no way to be secure when you're on an untrusted platform. A proxy might shield you somewhat from people sniffing the network but not at all from anyone with control of the machine.

The cool thing about a linode is that to you, it likes like a personal machine. You can install whatever you want, so long as it doesn't cause other linode users problems.

However, you want to make absolutely positively sure that any proxy software you install requires authorization, so that only you can use it. Open proxies tend to attract jerks, who will cause problems to other linode users. See above paragraph.

_________________
The irony is that Bill Gates claims to be making a stable operating system and Linus Torvalds claims to be trying to take over the world.
-- seen on the net

Using a plain HTTP proxy will be rather pointless for what you want to use it for; although the connection will indeed be coming from the Linode, all the details will be passed in plaintext from the computer you're on to Linode, as HTTP isn't secure. This is precisely what you wanted to avoid, I think.

There are HTTPS->HTTP proxies out there, but they're not very common, I believe, and I could foresee problems with using them.

The ideal solution, as you say, is with SSH. I should point out that PuTTY does not need installation - you can take it on a USB drive. However, I would point out that just as most public computers won't allow you to install software, most won't let you change proxy settings either. All of this means that you're probably going to be looking for something a bit more complex than a normal proxy.

On that note, you could do what I used to do in high school:

Browse the web with Links

Another option, though perhaps overkill, would be to install a Java VNC applet to be served from your linode. And also install a VNC server and a desktop environment with a web browser on your linode. You could use VNC client/server combos that encrypted data between them. RealVNC has this I think.

Then, from your internet cafe, you could browse to your linode from a java-enabled web browser, and launch your VNC client there. I've found that internet cafes usually will allow running java applets from the browser in this way. Then you'd have your VNC desktop with browser inside, all inside the parent browser, and you could use this browser to surf the web more securely.

You'd still be vulnerable to keyloggers, but not much else, and it would work just about everywhere.

If you want to go the ssh route but can't use putty, you might consider the MindGate java applet ssh client that you could host on a linode web page. I have this myself, and use it at internet cafes across mexico, and I've never had it not work. It supports tunneling etc.

There are also java-based X clients out there that would be similar to the VNC option, except I find VNC to be more bandwidth efficient and better for this type of situation, since your apps fully run on your server and you for example can re-connect to your session if the connection dies or something.

combine tunnelier portable with firefox portable on a usb stick thingy and bobs your uncle!


http://www.bitvise.com/tunnelier-portable
http://portableapps.com/apps/internet/firefox_portable

If you installed an SSL certificate on a virtual host domain on your Linode server in apache, and configured that site to proxy requests for you, then the network connection itself would be secure from snooping. I've done this in the past and it works well.

It's best for using your own PC but connecting via public WiFi and so on.

It wouldn't protect you from key-loggers or screen-scrapers on the public computer though. Even using a remote desktop like VNC won't protect you from screen-scrapers.

_________________
TJ.
IntuitiveNipple
The only intuitive interface is the nipple; everything else is learned.