How to go through a company proxy with ssh ?
Robert McKay
robert@mckay.com
Thu Oct 26 18:30:00 GMT 2006
On 10/26/06, Teggy P Veerapen <tve.ml@online.fr> wrote:
> Hi,
>
> Thanks guys for all these informations ... In fact, I have tried both solutions
> connect and corkscrew but I haven't been able to connect through the proxy with
> neither utility. I am getting a forbidden message and if I turn debug option on
> when using connect, I get something like that:
>
> ---8<---------------
> ...
> DEBUG: begin_http_relay()
> DEBUG: >>> "CONNECT 82.231.204.246:80 HTTP/1.0rn"
> DEBUG: >>> "rn"
> DEBUG: <<< "HTTP/1.0 403 Forbiddenrn"
> DEBUG: http proxy is not allowed.
> FATAL: failed to begin relaying via HTTP.
> ssh_exchange_identification: Connection closed by remote host
> ---8<---------------
>
> I would presume that the proxy is somehow checking that http requests are going
> through and all it's seeing is ssh requests. Does that seem plausible to you
> that the proxy is indeed checking the request ?
>
> Or am I making a mistake when using the utility (configuration seems fairly
> simple and straightforward to me) ?
>
While this is probably straying off-topic for the cygwin mailinglist..
The forbidden error is likely because you are trying to connect to
port 80 rather than port 443 (the https port). Try running sshd on
port 443 instead (simply add another listen directive to your
sshd_config file. Port 443 is often the only port you are allowed to
'CONNECT' to.
I've actually developped a novel hack to use http proxies that doesn't
use CONNECT but rather the standard GET and POST requests. It just
uses two simultaneous http requests (one always GETing the other
always POSTing).
http://wari.mckay.com/~rm/proxy2ssh/
You'll also see a simple CONNECT script there as well that uses nc.
I've used both scripts under cygwin without difficulty.
Regards,
Robert.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list