SSH through HTTP proxy
SSH through HTTP proxy
Zeitoun.net
SSH through HTTP proxy
This article explains how to connect to a ssh server located on the internet from a local network protected by a firewall through a HTTPS proxy.
Requirement are :
Your firewall has to allow HTTPS connections through a proxy
You need to have root access to the server where ssh is listening
Configure the ssh server
The ssh daemon need to listen on 443 port. To accomplish this, just edit this file (on debian system)
/etc/ssh/sshd_config
and add this line :Port 443Then restart the daemon :
sudo /etc/init.d/ssh restartConfigure the client
I suppose you are on a Linux system (debian for example). First you have to compile the connect binary which will help your ssh client to use proxies (HTTPS in our case). Then you have to configure your ssh client to tell him to use HTTPS proxy when he tries to connect to your ssh server.
Install the
connect
software :
On debian system, just install the
connect-proxy
package :sudo apt-get install connect-proxyOn other Linux systems, you have to compile it :
cd /tmp/ wget http://www.meadowy.org/~gotoh/ssh/connect.cgcc connect.c -o connect sudo cp connect /usr/local/bin/ ; chmod +x /usr/local/bin/connectConfigure your ssh client. Open or create your
~/.ssh/config
file and add these lines :## Outside of the firewall, with HTTPS proxyHost my-ssh-server-host.net ProxyCommand connect -H proxy.free.fr:3128 %h 443 ## Inside the firewall (do not use proxy) Host * ProxyCommand connect %h %pThen pray and test the connection :
ssh my-ssh-server-host.netSSH to another server through the tunnel
For example to connect to in ssh
github.com
:Host github.com ProxyCommand=ssh my-ssh-server-host.net "/bin/nc -w1 %h %p"