One of my goals this year was to get myself secure (network-wise) for SXSW w/o having to using the corporate firewall. This is useful for a number of reasons:
- Less brittle connections
- No worries about connections while the firewall is down - this is an issue w/ auto-connecting applications like Adium/iChat
- The ability to participate in Rendezvous/other local networks while being secure
So, it turns out that on OS X, this is trivial.
SSH comes built w/ a built in SOCKS server. Just SSH as so:
ssh -D 1080 firstname.lastname@example.org
And then set up your SOCKS Proxy to localhost:1080 in System Preferences -> Network Preferences -> Airport -> Proxies.
Go into each application (Safari, Adium, and iChat all support using the System SOCKS proxy setting. w/ Firefox you just enter localhost:1080 again) and you're all set. (I have my email, IMAP/SMTP using SSL/TLS already, otherwise you'd want to look into proxying that as well. That, you can also just use a straight SSH tunnel)
You can use manually SSH to create the connection, or if you're lazy like me, you can use the SSH Tunnel Manager for one-click action (you have your authorized keys set up (alternate guide) already, right?
To double check that everything's hunk-dory, cut off ssh and watch all your connections fail. Or run netstat in your terminal and make sure all your connections are localhost.socks (except your SSH ones of course).
UPDATE: For extra style points, make these changes in a new Network "Location" called SOCKS - then you can switch SOCKS on by going to Apple Menu -> Location -> SOCKS and back to Automatic to turn it off.