0

I have established an SSH tunnel to an untrusted machine:

ssh -N -D 12345 john@example.com

Next, I set up Firefox's connection settings to use the SSH tunnel by setting the SOCKS host to 127.0.0.1, and the SOCKS port to 12345.

I do not need to hide the fact that I am proxying http requests, but I am concerned that this setup allows the untrusted machine to eavesdrop on the contents of the traffic when I browse the web. Is this a valid concern?

Flux
  • 683
  • 1
  • 6
  • 12

1 Answers1

3

Accessing an untrusted machine with SSH is a problem in the first place, see What are the risks of SSHing to an untrusted host?, Risks of ssh to an untrusted host?, Is it safe to connect to random SSH servers?.

Additionally SSH only protects the connection between the two SSH peers. That means that the traffic is no longer protected on the untrusted SSH endpoint and that this untrusted system can sniff and manipulate the traffic.

Steffen Ullrich
  • 190,458
  • 29
  • 381
  • 434