There is a web service that I am accessing, unfortunately, I can't paste the uri here because it is inside of an internal network and wouldn't do us any good here. The web service works great but the problem is the maintainers of it only support http and have no intentions of implementing https.
So, my question is… is there any way to force encryption without being able to use https? I imagine an SSH tunnel would be quite effective but I'm not sure how to implement it in this situation.
Any ideas?
Best Answer
SSH tunnels are quite simple. Just make sure the firewall doesn't allow HTTP out (it would render the tunnel pointless) and does allow SSH out.
Then it's just a matter of tunneling localhost:80 (or whatever the port is) to a local port for you.
Here's an example if your computer runs *nix:
ssh webserver.example.com -L 8080:localhost:80 -fNThis will work assuming the ssh server is the same as the web server, if it is not, use the web server's ip instead of localhost. The -fN puts the tunnel in the background, freeing up the terminal again.
Once the tunnel is up, you can browse the server on localhost:8080 on your computer.
If you are on a Windows machine, use something like PuTTY. Here is a good how-to with screenshots.