A few years ago I started using PortableFirefox on my USB drive to browse with. It was easier to always have my stored form data, bookmarks, and other browser settings with me regardless of which computer I happened to be using. The problem was I’d often find myself on a public WiFi network and didn’t like the fact that my passwords and other personal data could be discovered by any average joe running a sniffer.
In this guide we’re going to provide you with step-by-step instructions on how you can browse, email, FTP & IM over SSH on your USB drive.
DISCLAIMER: This guide is intended to help you secure your PortableApps traffic over unprotected networks. It will NOT help you perform questionable activities, protect you from monitoring software, or keyloggers. We are not responsible for any lost data, damages, or errors which result in misconfiguration of your system. PROCEED AT YOUR OWN RISK – IF YOU BORK YOUR SYSTEM WE CAN NOT HELP YOU. This guide probably doesn’t even work and should be used by absolutely no one.
That said, throughout this guide, we will tell you to type stuff. When you actually type do NOT include the quotes. For example, if we say type “1234” you should type 1234 and not include the quotes.
- Step 1: Download the PortableApps Suite
Download and install the PortableApps Suite (Standard) on your USB drive. (The suite takes several minutes to install – select the drive you want to install to, and leave the default settings selected.) When finished click on “StartPortableApps.exe” in the root of your USB drive. This will launch the PortableApps menu which will appear in your System Tray.
- Step 2: Download PuTTY Portable
Next, download and install the PuTTY Portable SSH client to your USB drive. Save the file to your desktop and then from the PortableApps menu select “Options – Install a New App.” Select the downloaded file (named something like “PuTTY_Portable_0.60_Rev_3.paf.exe”) and follow the install instructions.
- Step 3: Configure PuTTY Portable for Dynamic Tunneling
This step assumes you already have an SSH account. If you don’t, there are plenty of places where you can get one (like here.) Chances are if you have a Linux web host, they offer you SSH access already.
1) Click on the PortableApps menu, and run PuTTY Portable.
2) Type in your host name, and then in the left hand menu select “Connection – SSH – Tunnels.”
3) In the “Source Port” box type 7070 and click the “Dynamic” radio button. Click “Add” and confirm you see the text “D7070” in the text box under “Forwarded ports.”
4) Click on “Session” in the left hand menu and under “Saved Sessions” type the name for your session (I usually just type the hostname).
5) Click the “Save” button.
- Step 4: Configure Firefox Portable for Secure Browsing
Launch Portable Firefox from the Portable Apps menu. Download and install FoxyProxy, and then restart Firefox.
1) Click on the PortableApps menu, and click on Firefox Portable.
2) Click on “Tools – FoxyProxy – Options.” Click on the “Add New Proxy” button.
3) Type “Secure SSH” in the “Proxy Name” box.
4) Click on the “Proxy Details” tab. Make sure “Manual Proxy Configuration” is selected, and type “127.0.0.1” in the “Host Name” box. In the “Port” box type “7070” and then click the “Socks Proxy?” radio button. Leave the default value of “SOCKS v5” selected.
5) Click the “OK” button to close the FoxyProxy settings window. Close the FoxyProxy Options window.
6) In the Firefox address bar, type “about:config” and hit Enter. You will see a list of configuration options for Firefox.
7) In the Filter box type “dns” and look for the “network.proxy.socks_remote_dns” setting. By default it is set to “False.” You want it to be set to “True,” so double click on the value to change it.
8) From “Tools – FoxyProxy” in Firefox select “Secure SSH” to enable SSH browsing.
- Step 5: Configure Portable Thunderbird for Secure Email
The first time you launch Portable Thunderbird it should step you through a wizard to setup your email. You can either follow the wizard or cancel out.
1) Launch Portable Thunderbird from the PortableApps menu.
2) Follow or cancel out of the setup wizard. (If you cancel you’ll want to setup your email later of course.)
3) Click on “Tools – Options – Advanced” and click on the “Config Editor” button.
4) In the “Filter” box type “proxy” without the quotes. You will now see three settings highlighted.
5) Double click on “network.proxy.socks” and enter “127.0.0.1” in the box, and click “Ok.”
6) Double click on “network.proxy.socks_port” and enter “7070” in the box, and click “Ok.”
7) Double click on “network.proxy.socks_remote_dns” to change the value from “False” to “True” and then close the Config Editor window.
(You may be wondering why we’re selecting “Remote DNS” in all these settings. If this setting was not selected, your apps would use your local DNS which would leave a trace of where you’d been surfing in the DNS logs of the servers on the local network. By selecting remote DNS, you are now using the remote DNS servers on your SSH host which will not show up in local DNS logs.)
- Step 6: Configure Portable Filezilla for Secure FTP
Download and install Portable Filezilla using the same method that you used to install PuTTY Portable, and start Portable Filezilla.
1) In Portable Filezilla click “Edit – Settings” and in the left hand menu, click on “Proxy Settings” under “Connection.”
2) Select the “SOCKS5 Proxy” radio button and for host enter “127.0.0.1” and for “Port” enter “7070” then click the “Ok” button.
- Step 7: Configure Portable Pidgin for Secure IM
Download and install Portable Pidgin using the same method that you used to install Portable Filezilla and Portable PuTTY.
1) Click on “Tools – Preferences” and click on the “Network” tab.
2) Under the “Proxy Server” section select “SOCKS 5” from the drop down menu. Enter “127.0.0.1” for “Host” and “7070” for Port.
3) Click the “Close” button.
- Step 8: Launch your SSH Session
Launch PuTTY Portable from the PortableApps menu. Double click on your saved SSH session and login with your SSH username and password. Minimize your SSH window.
- Step 9: Test your apps!
Whew! If you’ve made it this far, gratz! In Portable Firefox go to http://www.whatismyip.com and have a look at the IP address listed. Then select “Tools – FoxyProxy” and select “Completely disable FoxyProxy” and hit refresh. The first IP address listed is the IP of your SSH host, and the second is your local IP.
If you configured everything correctly, you should be able to now switch back to “Secure SSH” in Portable Firefox and browse over your SSH tunnel, effectively shielding your traffic from the local network. Now launch ThunderBird, Filezilla, and Pidgin and configure your accounts. Your PortableApps traffic for the apps your configured is now being routed over your SSH tunnel which helps shield usernames, passwords, and sites visited from any prying eyes on unsecure networks.
We strongly recommend using a fast USB drive with security features. No sense in carrying all your personal browsing around without securing it right? We’ve personally tested ATP Petito and Sandisk Cruzer drives, and both offer high transfer rates and security features. If you’re looking for enterprise level security, consider using an IronKey USB drive which utilizes hardware encryption to secure the data on your USB drive. The drives we recommend are listed below.
To secure your data even further, we suggest giving Folder Lock a try. Folder Lock uses 256-bit BLOWFISH encryption and we’ve used it before to secure data on external USB drives.
ATP Petito USB Drives
Sandisk Cruzer USB Drives
IronKey USB Drives
If you liked this guide, please add and share using the Social Bookmark below!