No, it’s not good enough. SSL certificates can be faked and SSL encryption can be broken. You also have to worry about people sniffing unencrypted traffic during the initial communication with the website. Accidentally leaving the “remember me” checkbox enabled would create a cookie that could be intercepted and used to automatically login as you to the remote site (think GMail, Twitter, Facebook, Amazon, etc.)

I no longer use this SSH tunneling method only because it’s more complicated than is necessary. You also have to worry about changing the settings on your browser to use the tunnel.

I now use a VPN. As soon as I connect to a wireless network, I immediately start the VPN tunnel (one mouse click). Once I’m connected to the VPN tunnel, all the Internet traffic from my computer gets routed through the tunnel, regardless of what application uses the Internet.

I recommend Private Internet Access for a VPN tunnel service. They have lots of helpful documentation on their website that explains how to set things up on your computer.