03.Apr.2019









Tutorial: Using a Linux box as a Proxy for SSL connections

While AmiSSL 4 makes a modern version of SSL available for AmigaOS 3, software that supports it is still hard to find. And given its slow CPU, an Amiga is barely able to decode modern SSL cyphers anyway. amiga-news.de reader 'Cego' solved this problem by using a PC running Linux - you could also use a Raspberry Pi running Raspbian - as a proxy:



In this scenario the Amiga is sending all of its HTTP request to the Linux box, which handles all communication with the Internet. Since the connection between the Amiga and the Linux box is never encrypted, the ancient Commodore computer is no longer burdened with encrypting and decrypting packages and its user doesn't have to worry about protocol compatability or certificates.



Requirements



To get started, we need to have the following things available: a computer running Linux (e.g. Debian, Raspbian) and an account with Root privileges

sslstrip for Linux

the IP address of the Linux box. This can be determined by entering hostname -I in a terminal

in a terminal IBrowse 1. activate IP forwarding



First we have to activate IP forwarding on the Linux box, by entering the following in a terminal:



echo "1" > /proc/sys/net/ipv4/ip_forward

2. install and activate SSLStrip



Now we have to install sslstrip by invoking the following command with Root privileges:



apt-get install sslstrip

Then we start the program from the terminal:



sslstrip

3. configure IBrowse's proxy settings



Now we run IBrowse on the Amiga and tell it to use a proxy by enabling it in Preferences -> Network -> Proxy. Make sure you configure a proxy for "HTTP" (not "HTTPS") and enter the IP address of the Linux box here. sslstrip is using port 10000 by default, so that's what we need to enter here.



How it works



As far as IBrowse is concerned, the entire Internet is now available without encryption. Should a website enforce an SSL connection, the Linux proxy will take care of that and remove any encryption before forwarding the content to the Amiga - which frees the latter from the ressource-heavy process of decryption.



Thanks to IBrowse's "URL Prefs" functionality, you could selectively enable or disable the use of the proxy for certain sites, but it's just as convenient to simply enable/disable the proxy using the Preferences -> Proxy menu or via the global configuration. (cg) (Translation: cg)



[News message: 03. Apr. 2019, 21:48] [Comments: 0]

[Send via e-mail] [Print version] [ASCII version]

