{"id":33,"date":"2009-05-27T18:41:11","date_gmt":"2009-05-27T22:41:11","guid":{"rendered":"http:\/\/blogs.law.harvard.edu\/djcp\/2009\/05\/secure-http-connections-over-untrusted-networks\/"},"modified":"2009-05-27T22:26:35","modified_gmt":"2009-05-28T02:26:35","slug":"secure-http-connections-over-untrusted-networks","status":"publish","type":"post","link":"https:\/\/archive.blogs.harvard.edu\/djcp\/2009\/05\/secure-http-connections-over-untrusted-networks\/","title":{"rendered":"&#8220;Secure&#8221; http connections over untrusted networks"},"content":{"rendered":"<p>Oh, <a href=\"http:\/\/openssh.org\">ssh<\/a>. How I love thee.<\/p>\n<p>So I wanted to log in to wordpress blog with a login page NOT behind an HTTPS connection from an &#8220;insecure&#8221; network &#8211; in this case, it was the MBTA&#8217;s commuter rail wifi.<\/p>\n<p>SSH supports SOCKS proxy connections and makes this STUPIDLY simple:<\/p>\n<p><code><\/p>\n<pre>ssh -C -D 8000 name-of-your-proxy-ssh-server.com<\/pre>\n<p><\/code><\/p>\n<p>&#8220;-C&#8221; turns on compression, &#8220;-D 8000&#8221; makes the SOCKS proxy connection on localhost&#8217;s port 8000.<\/p>\n<p>Then you need to set your local firefox to use &#8220;localhost&#8221;, port 8000 as a SOCKS proxy. And bang! You&#8217;re proxying securely over an insecure network.  <\/p>\n<p>Yeah, yeah, the best solution would be to have the target wordpress use SSL, but not every blog can have a dedicated IP.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Oh, ssh. How I love thee. So I wanted to log in to wordpress blog with a login page NOT behind an HTTPS connection from an &#8220;insecure&#8221; network &#8211; in this case, it was the MBTA&#8217;s commuter rail wifi. SSH &hellip; <a href=\"https:\/\/archive.blogs.harvard.edu\/djcp\/2009\/05\/secure-http-connections-over-untrusted-networks\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1984,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[5039,593,6080],"class_list":["post-33","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-infosec","tag-security","tag-ssh"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/archive.blogs.harvard.edu\/djcp\/wp-json\/wp\/v2\/posts\/33","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.blogs.harvard.edu\/djcp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/archive.blogs.harvard.edu\/djcp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/djcp\/wp-json\/wp\/v2\/users\/1984"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/djcp\/wp-json\/wp\/v2\/comments?post=33"}],"version-history":[{"count":3,"href":"https:\/\/archive.blogs.harvard.edu\/djcp\/wp-json\/wp\/v2\/posts\/33\/revisions"}],"predecessor-version":[{"id":36,"href":"https:\/\/archive.blogs.harvard.edu\/djcp\/wp-json\/wp\/v2\/posts\/33\/revisions\/36"}],"wp:attachment":[{"href":"https:\/\/archive.blogs.harvard.edu\/djcp\/wp-json\/wp\/v2\/media?parent=33"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/djcp\/wp-json\/wp\/v2\/categories?post=33"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/djcp\/wp-json\/wp\/v2\/tags?post=33"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}