When using an open wireless network, all traffic between your laptop and the access point is sent in the clear to anyone in range. When using WEP, anyone who shares the same WEP key can listen in on your traffic as if it were an open network. How can you protect your data from prying eyes while using wireless? The best possible protection is provided by end-to-end encryption. This is provided by tools such as SSL, PPTP, and SSH. For example, browsing to an SSL-enabled web page will keep your conversation private, leaving any would-be eavesdroppers with data that looks much like line noise. The encryption and identification facilities provided by the 128-bit SSL implementation are widely regarded as good enough for use over untrusted networks, like wireless.

SSL may be fine for web pages (and some mail clients), but what about protecting other traffic? This section describes one method for securing your email using OpenSSH.^[14] For a more thorough exploration of the possibilities of SSH, I highly recommend SSH: The Secure Shell, also published by O’Reilly.

OpenSSH is being developed for BSD, but thanks to the great work by their porting team, it compiles under many Unix-like operating systems (including Linux, Solaris, HP/UX, MacOS X, and many others). You can even use it in Windows, using the Cygwin package. Check out http://www.cygwin.com and download it now, if you haven’t already. It almost makes Windows fun to use!

Download OpenSSH and build it. You’ll also need ...