
Whether SSL SOCKS5 proxy encrypts TCP/IP Header Information


I own a VPS server at a hosting company which runs an SSH server.

At home, I use Linux Mint with an SSH client configured to be a SOCKS proxy using SSH -D on port 8080. My Firefox is configured to use port 8080 on 127.0.0.1 as SOCKS5 proxy.

If I am accessing Gmail, first Gmail in my browser will encrypt the data field of the TCP/IP packet with its SSL. However, not the header information of the same. Since I am using SOCKS5, I understand this SSL encrypted data (inside the data field of the TCP/IP packet) will be again encrypted through the SSH tunnel I built.

Good now, data field twice encrypted before leaving home.

Question:

I understand that at the VPS server, all header information should be decrypted. But what about the header information in the TCP/IP packet before leaving home? i.e. the packet's source information and destination information? Are these at least encrypted between my remote VPS server and home?


Solution

  • Are these at least encrypted between my remote VPS server and home?

    In short: yes.

    In detail: SOCKS5 encapsulates (but does not encrypt) all the traffic, but the SSH tunnel then encrypts everything it transports, so this includes all the SOCKS5 traffic. At the end point (your VPS) it will decrypt the data from the tunnel, decode the SOCKS5 traffic and create the connections as defined by the SOCKS5 connection. Note that this will not reuse the SOCKS5 connection but instead create new connections originating at the VPS. The payload will still be SSL encrypted because it was put in the SOCKS5 tunnel this way, but the TCP/IP will be in the clear because otherwise no direct connections could be made to the target.
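
Added example, not part of the original answer: the destination the browser asks for is plain data inside a SOCKS5 CONNECT request (RFC 1928), so it rides inside the SSH session, while the outer TCP/IP header on each leg names only that leg's endpoints. The function names, the documentation-range addresses and SSH port 22 are assumptions made for illustration.

```python
import ipaddress
import struct

def build_connect(host: str, port: int) -> bytes:
    """SOCKS5 CONNECT request (RFC 1928) with a domain-name destination."""
    name = host.encode("ascii")
    return bytes([0x05, 0x01, 0x00, 0x03, len(name)]) + name + struct.pack("!H", port)

def parse_connect(req: bytes) -> tuple[str, int]:
    """Extract (destination, port) from a SOCKS5 CONNECT request."""
    if len(req) < 5 or req[0] != 0x05 or req[1] != 0x01:
        raise ValueError("not a SOCKS5 CONNECT request")
    atyp, rest = req[3], req[4:]
    if atyp == 0x03:                      # length-prefixed domain name
        alen, rest = rest[0], rest[1:]
    elif atyp in (0x01, 0x04):            # raw IPv4 / IPv6 address
        alen = 4 if atyp == 0x01 else 16
    else:
        raise ValueError("unknown address type")
    if len(rest) != alen + 2:             # address bytes plus 2-byte port
        raise ValueError("truncated or oversized request")
    addr = rest[:alen]
    host = addr.decode("ascii") if atyp == 0x03 else str(ipaddress.ip_address(addr))
    (port,) = struct.unpack("!H", rest[alen:])
    return host, port

def visible_headers(home_ip: str, vps_ip: str, req: bytes, ssh_port: int = 22) -> dict:
    """Outer TCP/IP endpoints (source, destination) readable on each leg."""
    host, port = parse_connect(req)
    return {
        # Home to VPS: only the SSH connection's endpoints appear in the header;
        # the requested destination is inside the encrypted SSH payload.
        "home_to_vps": (home_ip, f"{vps_ip}:{ssh_port}"),
        # VPS to target: a new connection originating at the VPS (on the wire
        # the header carries the IP address the name resolves to).
        "vps_to_target": (vps_ip, f"{host}:{port}"),
    }

# Constructed sample values (documentation address ranges), not from the page.
REQ = build_connect("mail.google.com", 443)
LEGS = visible_headers("192.0.2.10", "198.51.100.7", REQ)

if __name__ == "__main__":
    for leg, (src, dst) in LEGS.items():
        print(f"{leg}: {src} -> {dst}")
```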