SSH over HTTP_PROXY tunneling
id : u0n9ov4mcn
category : computer
blog : unixlinux
created : 06/04/10 - 11:02:57

Pre-requisite
  • An access to an internal http proxy, no matter listening port.
  • An access to an external http proxy with ssh listening on port 80 or 443, or a port allow by your internal proxy.
  • You can use gcc/make on your server.

Corckscrew way
  • Download Corkscrew sources on www.agroman.net :
# wget http://www.agroman.net/corkscrew/corkscrew-2.0.tar.gz
# tar xzf corckscrew-2.0.tar.gz

  • Compile sources :
# cd corkscrew-2.0
# ./configure
# make


Configure your ssh client
  • Edit your ssh configuration file
# vi ~/.ssh/config
Host <external_proxy_ip>
        ProxyCommand ~/corkscrew-2.0/corkscrew <internal_proxy_ip> <internal_proxy_listenning_port> %h %p ~/.ssh/proxyauth

  • Edit your proxyauth file if your internal proxy need an authentication :
# vi ~/.ssh/proxyauth
<username>:<password>

  • If your a are using a non-authenticated internal http proxy, just drop evry reference to proxyauth file.

Connect to your external proxy
  • Make your ssh tunnel :
# ssh -p <extrnal_proxy_ssh_port> <external_proxy_user>@<external_proxy_ip> -L <local_server_port>:localhost:<external_proxy_listening_port>

  • Check if tunnel is correct by using netstat command :
# netstat -lntp


Export HTTP_PROXY on server
# export HTTP_PROXY=http://localhost:<local_server_port>


Edit your wgetrc
# vi ~/.wgetrc
http_proxy = http://localhost:8888
ftp_proxy = http://localhost:8888


Well, you are done, you're like at home :-)