I want to know when i use SSH and firefox if someone else can see the domains or any sites i log into (i like using ftp://user:pass@site.com). I like to know the information so i can decide if going to a private (work) site from an untrusted site is a good idea or not.
At the very least i want to know if anyone at all can see me visit http://SiteWithBetaPhpAndAnUnsecureDB.com/Debug.php
What you want is to configure ssh to run as a SOCKS5 proxy and not just to do simple tunneling (-L) through it. The difference is in the DNS lookup. With the tunnel, the DNS lookup is done on the browser end, which may be insecure. With the SOCKS5 proxy, DNS lookup can be done on the secure remote end.
ssh -D 1080 user@remoteserver
Then in the firefox configuration, set network.proxy.socks_remote_dns = true in about:config. This forces the DNS to be handled on the remoteserver. This will even allow you to access non-public servers using their private names.
As Goyuix said, bonus points for using certificate based authentication and blocking everything else.
Generally, SSH will provide you with pretty good privacy - though there are a few pitfalls to be aware of:
First, depending on where you terminate (e.g. the server side) the SSH connection, anything on the other side of it could be watching your traffic.
Second, while the majority of your traffic will be routed over SSH, it is possible (and probable) that DNS lookups could happen outside of the SSH tunnel. That wouldn't give away the full URL granted, but if you are concerned about someone plunking around the server in general this isn't the best idea.
Best plan: Terminate the SSH connection on the network edge where your private server sits. Ideally the database/web server should not be internet facing and requires that you poke a hole through your firewall using SSH to even connect to the server(s).
Bonus points: Using ssh certificates with your connection to further reduce the chance of issues.
This is really two questions:
1- When I use SSH and Firefox to connect to that site, can people see it?
Unless you have turned off your DNS lookup, the hostmaster of your DNS server will see your query. Also, anyone who can packet trace your DNS traffic (exposure varies), can figure this out.
Also, the URL you provided was clear text (unencrypted). Anyone that could normally sniff your packets will be able to see.
2- The other question is basically: is it safe for me do work on a public site w/o turning on encryption for all services? The answer is no. You should not have any work sites that allow authentication or general access over unencrypted connections.
