I'm using SSH's dynamic port forwarding to host a socks proxy on localhost. I'm trying to find out if the connection between my computer and the remote server/destination is secured. Will my ISP or anyone be able to read data sent through the socks connection?
Asked
Active
Viewed 690 times
2
-
"host a socks proxy on localhost"; does that mean you ssh to localhost with dynamic forwarding enabled ? this is useless. – b0fh Oct 14 '12 at 01:32
2 Answers
1
The quick answer is No. Data tunneled through your SOCKS proxy will have the same cryptographic strength as much as your SSH session can provide (e.g. RSA-1024, RSA-2048).
Having that said, for the ISP to read your data, in short they'll have to convince you accept a host-key at the beginning of authentication among other things that is not from your remote server, but actually from the ISP. This is why SSH client shows a big fat warning as below to warn you of a possible MITM attack.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
3f:1b:f4:bd:c5:aa:c1:1f:bf:4e:2e:cf:53:fa:d8:59.
Please contact your system administrator.
Add correct host key in /home/peter/.ssh/known_hosts to get rid of this message.
Offending key in /home/peter/.ssh/known_hosts:3
RSA host key for 192.168.0.100 has changed and you have requested strict checking.
Host key verification failed.$
gsbabil
- 126
- 2
0
If the other side can read the data without decrypting it, then so can any middleman.
Ignacio Vazquez-Abrams
- 45,939
- 6
- 79
- 84