4/23/08

Access Webmail securely with SSH tunnels

Suppose you need to access your email from an insecure environment, such as an open wireless hotspot or an airport. When using a public (insecure) network, the potential security risk is that your valuable data can be sniffed by bad guys.

While majority of free e-mail providers, such as Google GMail and Yahoo! do provide options to login securely using https connections over secure socket layer, some email providers (business and free) don’t offer any encryption at all. To tackle this problem, we’re going to create a secure SSH tunnel over the insecure public network.

We’ve previously covered how SSH tunnels can help you to access private data over a public network. In this hack, we’re going to use a trusted SSH server to access our webmail. Remember that the connection from the server to the mail server isn’t encrypted. Nevertheless, this hack shows you how to bypass the insecure public network.

For Windows, we’re going to use Putty, a free SSH client for Windows that supports port forwarding. Fire up Putty on your computer and enter the host name or IP address of your trusted SSH server.

In the Tunnels options (left menu), in the “Source port” type 127.0.0.1:8888 (you can choose any port number you want) and in the “Destination” type your webmail address and the the remote port (e.g. email.security-hacks.com:80). Once you authenticate, you can access your web mail over the local address.
The point of this hack is that when you access http://127.0.0.1:8888 it seemlessly creates a secure connection to your webmail server. By doing so, you assure no private data is transmitted in plain-text over the air.

How to Change JKS KeyStore Private Key Password

Use following keytool command to change the key store password >keytool  -storepasswd  -new [new password ]  -keystore  [path to key stor...