Howto make an ssh connection through a proxy that accepsts the CONNECT command, which is required for SSL connections to work through a web proxy. (squid, dante, etc) Make use of the ProxyCommand in local ~/.ssh/config

• ProxyCommand /usr/bin/corkscrew proxy.example.com 8080 %h %p
  • %h is the host you plan to connect to on %p ssh port

The ProxyCommand option can invoke another application, and we use this functionality to invoke a perl script that handles HTTP proxies. The perl script can be found at the below-included link. The perl script can be used with the instructions in the comments to connect an ssh session to the remote host. The below example screen shows how I use the script and config file to connect to a host through a proxy server.

host$ cat ~/.ssh/config
Host myserver-proxy
	ProxyCommand /home/user/bin/ssh-tunnel.pl proxy-server proxy-port myserver 22

host$ ssh myserver-proxy

We can use the same sorts of commands with SCP. The below command line will execute the ProxyCommand, attempt to connect to the end server as the indicated user (-l doesn’t work with SCP), and then copy the specified file back.

host$ scp user@myserver-proxy:/path/to/file /local/file/path

• Corkscrew - ssh proxy written in C (Also referenced on wikipedia)
• Proxytunnel, Connect.c to establish proxy connection
• Perl Script ssh-tunnel.pl (local ssh-tunnel.pl copy)
  • We can edit the perl script to handle multiple HTTP proxy servers. Changes needed include:
    • Editing line 36 to include all of the command line options that we need to specify (the proxy ips and ports for every server)
    • Copying lines 73 - 83 once for every proxy server and editing line 74 to reference the proper variables for each proxy server

• Related: Yet Another Proxy Hunter, Proxifier, ProxyChains

• Thanks to Eric for the introduction to this stuff and ssh-tunnel perl script