[Gllug] Can I get this to work?

Robert McKay robert at mckay.com
Sun Jan 18 08:54:18 UTC 2004


On Sat, Jan 17, 2004 at 02:15:34PM +0000, Adrian McMenamin wrote:
> Most weeks I spend three or four days working in a building where everything 
> is firewalled out except for proxied connections. In other words if I try to 
> run an ssh client I can neither resolve names nor even connect when I use the 
> dotted numbers.
> 
> However I can use the provided browser (which has some sort of proxy 
> connection - which I can guess at) to connect to any port on any real world 
> machine eg attempting to access http://mymachine.org.uk:22 will put an sshd 
> version string up in my browser window etc.

I don't know if this will work under cygwin, but I don't see why it
shouldn't. Just get yourself a copy of cygwin openssh and bash:

On the ssh server you're connecting to, add a Port 443 directive to 
/etc/ssh/sshd_config (or wherever you keep sshd_config). This makes your
ssh server listen on port 443 (the https port) as well as port 22.

Now create a proxy.sh on the client,  something like this:

#!/bin/sh

PROXY=your.proxy.server.com
PORT=8080

(
        echo -e "CONNECT $1:$2 HTTP/1.1\nHost: $1\n\n";
        cat
) | nc $PROXY $PORT | (
                head -2 >/dev/null # Mmmm.. yummy HTTP response. *burp*
                cat
)

Then add this to your client's ~/.ssh/config file (create as needed):

ProxyCommand /path/to/proxy.sh %h %p

Then just ssh/portforward/scp as per usual (note the -p to specify port 443;
the https port.)

ssh -p 443 user at yoursite.com

You could also hard code 443 into the proxy.sh, saving yourself the 
keystrokes if your proxy server doesn't allow CONNECTing to ports other 
than 443 anyway... 

Cheers,

Robert.
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list