My Router is accessible via a Telnet Session or a Webinterface. Connecting to the Telnet Port is unsecure, since Password and all other Info is send plain text. I want to use SSH Tunneling to make a secure encrypted Connection between my Laptop and the Router, so i put this in the Terminal:
For Webinterface:
ssh mylaptopip -L 10080:routerip:80
When i now go to my Browser and type in 127.0.0.1:10080 the Webinterface comes up and everything is fine and i should have a secure connection. Problem is when i open up another Terminal on my Laptop and type sudo /usr/local/bin/tcpflow -i en0 -c host routerip to sniff the connection, i still see all the html and traffic flying by unencrypted as i make my changes to the router via the webinterface.
For Telnet:
ssh mylaptopip -L 10081:routerip:23
When i type in the Terminal telnet 127.0.0.1 10081 the Telnet Interface of my Router comes up and prompts me for a Password. When i sniff the Connection again, i can see my entered Password flying by as i press Enter to confirm the Password Entry.
Now the Question is, where is the security in this? Is my Connection encrypted, just not when i listen to traffic on my local NIC? Am i doing the tunnel wrong? Should the Syntax be
ssh notmylaptop -L 10080:routerip:23
It would be great if somebody can shed some light in this.
