Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

How to set up a VPN

A DIY guide to securing web access with SSH

Article comments

If you work on the go fairly often, you've probably hopped on a public wireless network at least once or twice. You should have also figured out how to keep your data safe when you're on such a network, by taking precautions such as using your company's virtual private network, if available, or an encrypted web tunnel such as Hotspot Shield.

If you don't have a company VPN and you don't want to deal with Hotspot Shield's banner ads, however, you can still secure your wireless traffic without breaking the bank by setting up your own VPN and gaining a private, encrypted Internet connection free from eavesdroppers.

Tunneling Your Traffic

Whether the public wireless network you use is password-protected or pay-per-minute, anyone who connects to the network could spy on your HTTP traffic, restaurant patrons, other people in your airport concourse, or other paying subscribers of a commercial hotspot provider.

You can fix this problem by creating an encrypted tunnel through which you can send web traffic that originates at your laptop and ends at a known location (the tunnel "endpoint"). From there, the tunnel routes your web requests to the public Internet. Of course, once the traffic is outside the tunnel, it's subject to the usual potential scrutiny, from ISPs, law enforcement or the like, but while your data is travelling through the public-access Wi-Fi hotspot, your web surfing is secure.

VPN tunnel over public Wi-Fi

In the diagram above, regular users of the coffee shop's wireless hotspot take the direct route to a website (in red), but you use an encrypted tunnel (in blue) to shield yourself in the hotspot network. Once you are at your tunnel endpoint, your web traffic travels through the Internet via regular unencrypted methods (again, in red) to arrive at the destination website.

Easy, Cheap Security via SSH

The easiest way to set up your own VPN starts with paying a monthly fee for a hosting company to do all the difficult work of obtaining a server, installing an operating system, and making sure the server stays online 24 hours a day with plenty of backup generator power. I prefer this approach because you don't have to fuss with any firewalls back at home, and you don't have to leave a computer running when you're on the road.

Any inexpensive shared hosting provider will do for your purposes, as long as the company provides access to a secure shell (SSH) server. SSH was created as an encrypted version of telnet, one of the Internet's original protocols, used to send character information between computers. (If you've ever seen a Hollywood computer thriller showing a green screen and hackers typing away furiously, they're probably using SSH or telnet, depending on how well the screenwriters did their research.)

I personally prefer HostGator, which has a large data centre in Houston. The company's basic "Hatchling" hosting package is almost $5 per month, so for three nickels a day you can have your own secure tunnel. Once HostGator creates your account, you receive your login information and your assigned server. From there, you can set up an impromptu web proxy by issuing SSH commands. I'll demonstrate both OS X and Windows versions; Linux users can follow along and make minor adjustments where necessary.


More from Techworld

More relevant IT news


palloy said: Its all very well setting up an SSH client and server to form a tunnel but when your browsers request pops out the endpoint of the tunnel what then An HTTP request to a proxy is not the same as one sent to a web server and so has to be processed by a web proxying program once the packet has traversed the tunnelIf it is any good a web proxy will do caching and pipelining for you to cut down on unnecessary tunnel traffic None of this is covered in the article

Auli said: ssh works very good for me

sean said: The least you could do is either edit the article or delete it I wasted a LOT of time with a hostgator rep trying to troubleshoot this before finally finding out they dont support it Articles like this with false information destroy the credibility of your site

Sean said: hostgator does not support this on a shared hosting account

Fernando said: Remember that Firefox uses the local public DNS server when using SOCKS Somebody could spoof the DNS replys and send you to a fake siteTo be really safe you should type aboutconfig in the URL and change to true the following setting networkproxysocksremotednsGreat articleBest regards

mik said: Yeah could you explain how you did it i asked the hostgator support and they replyedm that it isnt enabled for shared hosting Please give a responseMik

crispy said: I tried everything you said here and curiously I cant seem to get my browser to use the tunnel I am on linux and using firefox Its like the tunnel isnt working properly I checked on Hostgator and they write that you can only do VPN on dedicated server accounts I am only on a baby or hatchling curious how you made it work on yours C

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *