SSH server

[anyedie]

I recently bought web hosting through bluehost, and after exhaustive research on setting up an SSH server I am still at a loss. I am trying to set up an SSH server on my hosted account to tunnel normal traffic through. I am mostly on University networks and do not like the idea that any one of the few kids sniffing traffic could get my logins. The problem I am comming up against is that most of what I find for SSH servers require physical access, I only have Shell access. Anyone know a tut or program that could help me out with this?

Additional Info:

the web server is running CentOS (free redhat)

and I am wanting to tunnel web, and ftp traffic

thanks :D

[Sparda]

If the provider allows you to run a SSH service it's usually on by default. If it's not on then ask the tech support people.

[cooper]

For this to work you need to install a proxy service on the machine. You'll probably want to use Squid for this. I doubt your hoster will allow this unless you have a dedicated server.

If you do have (gotten) a proxy server installed on there, make sure it's restricted to only allow service from localhost.

I'm not under the impression that SSH access is given by default with a typical hosting account. In most cases it's not needed, and programs like PLESK make it *FAR* easier for you to manage your services in ways that would normally require shell access. So also with this one, I doubt your hoster will allow this unless you have a dedicated server.

After that, though, it's smooth sailing.

Um... Wouldn't it be easier to just use secure services, and maybe sniff some traffic yourself to see just how much at risk you are when you can't switch to some more decent protocols?

[anyedie]

Thanks for the response.

Um... Wouldn't it be easier to just use secure services, and maybe sniff some traffic yourself to see just how much at risk you are when you can't switch to some more decent protocols?

Ive been donig this some today, and I finally found something that can secure my ftp traffic, and Some time ago I switched to google mail (from yahoo, because they send pain text pws), but what about securing things like my school login (just a mail server) or hak5? Or even AIM traffic (that one, i dont really care about, just curiuos)?

I know the best way would be to just not do these things on public networks, but is there a good way to secure it?

[Shaun]

I'm not under the impression that SSH access is given by default with a typical hosting account. In most cases it's not needed, and programs like PLESK make it *FAR* easier for you to manage your services in ways that would normally require shell access. So also with this one, I doubt your hoster will allow this unless you have a dedicated server.

Some hosting services do, I know Dreamhost do and you could always get a cheap VPS/VDS (although those arean't always the most reliable).

[cooper]

Some hosting services do, I know Dreamhost do and you could always get a cheap VPS/VDS

But the SSH bit is only part of the equation. You either need that proxy server, or you need to bind a specific port to a specific remote location though some type of software. You could use SSH again for this, but this would mean you have SSH access to the (say) FTP server in which case you shouldn't need to mess with this setup in the first place.

I'm fairly certain some IMs use secure logons. I was under the impression that some time ago the MSN protocol changed over to secure communication only which resulted in a lot of problems for the open clients that never bothered to implement this stuff.

Stuff like this forum are less trivial. Maybe you could give Darren the Sad Puppy Face and ask him to get the $20 server certificate which would allow him to run this place as an HTTPS server, making that one a moot point.

But overall, I guess you can only hope to assume that your login data will be obscured by all the other traffic that is travelling across the pipe. And make sure you use unique passwords for each service you use so that one gets comprimised you'll have a lead on where the problem started, and will be able to quickly fix the problem aswell.