SSH via HTTP proxy

From ezUnix
Jump to: navigation, search
                                    pdf_icon.png Download this article as a single PDF document 


If you happen to be stuck behind a corporate firewall with only HTTP proxies for external access, you might still be able to SSH out through them using the built-in nc on OSX.


First, hope that the proxies haven't disabled the CONNECT method, then simply add a section to your .ssh/config like this:

    ProxyCommand          nc -X connect -x proxyhost:proxyport %h %p
    ServerAliveInterval   10

This will tunnel the connection through the HTTP proxy to the remote server.
The ServerAliveInterval setting is required as most proxies will drop the connection after a period of inactivity.

To avoid issues with trying to connect to the host when not behind the corporate firewall, replace the above with a fake entry for the proxy method like this:

    ProxyCommand          nc -X connect -x proxyhost:proxyport %h %p
    ServerAliveInterval   10

Then use

# ssh

when inside the firewall, and

# ssh

when outside.

Simple, no external software required.


<comments />

Cristina said ...

<comment date="2013-01-21T22:47:17Z" name="Cristina"> As a Rogue Tech Support Agent, I've been telling my detecjed Pre users to try a lanyard. The iPhone lacks a proper lanyard hole for this purpose, shame on them. </comment>