Difference between revisions of "Tunneling SSH through HTTP proxies using HTTP Connect"

From ArchWiki
Jump to navigation Jump to search
(Creating the tunnel: (Adding a few explanations + how to make the socks5 proxy available for other hosts))
(Using the tunnel: updating the link)
Line 18: Line 18:
== Using the tunnel ==
== Using the tunnel ==
See [[Using a SOCKS proxy]].
See [[Proxy settings #Using a SOCKS proxy]].
== See also ==
== See also ==

Revision as of 10:01, 25 July 2014

To open the connection to the server running the SSH daemon we will use the HTTP CONNECT method which allows a client to connect to a server through an HTTP proxy by sending an HTTP CONNECT request to this proxy.

Tip: If your proxy does not support the HTTP Connect method, see HTTP Tunneling.

Creating the tunnel

For this we will use corkscrew, available in [community], which is «a tool for tunneling SSH through HTTP proxies».

Opening an SSH connection is pretty simple:

ssh user@server -o "ProxyCommand corkscrew $proxy_ip_or_domain_name $proxy_port $destination_ip_or_domain_name $destination_port"

Note that in some cases, the proxy server only allows you to connect to distant hosts on certain ports (e.g. 80, 443) ; so you'll have to make sure your distant server is listening on one of those.

In case we want to create a SOCKS tunnel, the command is :

ssh -ND $port user@server -o "ProxyCommand corkscrew $proxy_ip_or_domain_name $proxy_port $destination_ip_or_domain_name $destination_port"

This creates a SOCKS proxy on localhost:$port. In case you want to make this socks proxy available for other hosts on the local network, add -g at the end of this command, and set GatewayPorts to yes in the /etc/ssh/sshd_config of the distant host.

Using the tunnel

See Proxy settings #Using a SOCKS proxy.

See also

ProxyCommand /usr/bin/proxytunnel -p some-proxy:8080 -d www.muppetzone.com:443
To open a connection:
ssh user@server -o "ProxyCommand=nc {{Ic|-X connect -x $proxy_ip_or_domain_name:$proxy_port %h %p}}"