Arch Linux

joaocandre

Member

Registered: 2013-02-23

Posts: 166

[Solved] SSH over a HTTP proxy?

I'm trying to bypass the proxy in my university's eduroam network (nothing malicious, just to access my home data server and be able to retrieve some files), but I'm encoutering some trouble. Not being an expert at this, I think I need to set up some kind of HTTP tunneling, as described in HTTP tunneling. Trying with corkscrew throws up the following error:

Proxy could not open connnection to [host].ddns.net:  Forbidden
ssh_exchange_identification: Connection closed by remote host

Since the wiki claims that for corkscrew to work, the proxy needs to support HTTP CONNECT, I'm wondering if this is the source of this error or if there might be something else I need to configure in order for it to work? I'm using SSH keys to authenticate (works over an open network), and I'm not using the default port 22 for the SSH protocol on the remote server.

Alternatively, I've also found some more complex ways to achieve this: as described here - but is there need for such an approach?

Last edited by joaocandre (2015-03-30 18:57:43)

bulletmark

Member

From: Brisbane, Australia

Registered: 2013-10-22

Posts: 683

Re: [Solved] SSH over a HTTP proxy?

Try the simple solution first. Just forward port 443 on your home router to port 22 on your home linux server. Then at uni, just ssh -p 443 home-server (or equivalent in putty or whatever). That has always worked for me out through corporate firewalls etc.

[PS: Of course I am assuming you have no need for a real https server at home.]

Last edited by bulletmark (2015-03-27 13:07:36)

joaocandre

Member

Registered: 2013-02-23

Posts: 166

Re: [Solved] SSH over a HTTP proxy?

Try the simple solution first. Just forward port 443 on your home router to port 22 on your home linux server. Then at uni, just ssh -p 443 home-server (or equivalent in putty or whatever). That has always worked for me out through corporate firewalls etc.

[PS: Of course I am assuming you have no need for a real https server at home.]

This assumes the proxy lets ssh connections trough port 443 right? Going to try that as soon as I have access to my home server.

bulletmark

Member

From: Brisbane, Australia

Registered: 2013-10-22

Posts: 683

Re: [Solved] SSH over a HTTP proxy?

This assumes the proxy lets ssh connections trough port 443 right?

Yes, it assumes the corporate/uni firewall/proxy lets an outgoing ssh connection out thinking it is a normal https connection. I've not seen one smart enough to block this but apparently "deep packet inspection" firewalls do exist. That's why I said to at least try this simple approach first. You could also try port 53 (DNS) other than 443 [Add forwards for both home router ports 53 and 443 to home-server:22 before you go to uni].

tomk

Forum Fellow

From: Ireland

Registered: 2004-07-21

Posts: 9,839

Re: [Solved] SSH over a HTTP proxy?

Back when I needed to do this, I used httptunnel, and it worked fine. Wasted many hours of company time with it.

ewaller

Administrator

From: Pasadena, CA

Registered: 2009-07-13

Posts: 20,353

Re: [Solved] SSH over a HTTP proxy?

Moderator comment:  Ahem;  however we do not condone such activity.

---

Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

joaocandre

Member

Registered: 2013-02-23

Posts: 166

Re: [Solved] SSH over a HTTP proxy?

Forwarding port 443 was enough for SSH to work, issue solved. I'm still going to look into httptunnel, might come in handy.

Saren

Member

Registered: 2014-04-02

Posts: 13

Re: [Solved] SSH over a HTTP proxy?

My school allows only 53, 80, 443, 8080. Have luck finding unblocked ports in your school wifi.

Last edited by Saren (2015-04-02 18:57:53)