SSH through an HTTP proxy

To SSH (OpenSSH) through an HTTP proxy, you can use the ProxyCommand config option with one of several programs that know how to talk to an HTTP proxy using the HTTP CONNECT method. The one I use is called corkscrew and it works equally well on Linux and Cygwin.

Something like this will do the trick to let you connect through an HTTP proxy to a home server that has an sshd running on port 1234.

Host home
	User            	marc
	HostName        	dns.home.org
	Port            	1234
	ServerAliveInterval 	30
	ProxyCommand    	/usr/bin/corkscrew proxy.corporation.com 3128 %h %p

Once you have one host that you can connect to through the proxy, you can even use that host to get to other hosts.

Host webhost
	User            	marc
	HostName        	dns.webhost.com
	ServerAliveInterval 	30
	ProxyCommand    	/usr/bin/ssh home nc -w 600 %h %p

HTTP Proxy Client

From http://httppc.sourceforge.net/:

HTTP Proxy Client is a small set of libraries and scripts that provides transparent access to the Internet via an HTTP proxy for programs that use TCP/IP for communication.

The list of programs includes: telnet, ftp, licq, cvs, something else? The project implements a dynamic library that can be preloaded before a program runs. The library substitutes some system calls (connect(), gethostbyaddr(), gethostbyname()) with calls that make the TCP/IP connection through an HTTP proxy. This allows client programs behind an HTTP proxy to work with the Internet without limitations.

Sort of like tsocks (which I’ve blogged about before), but for an HTTP proxy rather than a SOCKS proxy.

I have everything working through our proxy at work. These days most programs are pretty good about respecting the http_proxy environment variable, and then some others have their own funky configuration like Firefox, Eclipse, and Subversion (see here). I’m jotting down a note about httppc, because I’m sure that now I’ve said that all my programs work through the proxy, I will soon find one that doesn’t and will be searching for something like this.

Using an HTTP proxy (shown via netcat)

Ever wonder how applications talk to HTTP proxies? It’s simple really (like the rest of HTTP) – there’s a simple HTTP request method called CONNECT. It’s easily illustrated with a quick session of netcat:

$ nc -v proxy.foobar.com 3128
proxy.foobar.com [10.xx.xx.xxx] 3128 (?) open : Operation now in progress
CONNECT marc-abramowitz.com:80 HTTP/1.0

HTTP/1.0 200 Connection established

GET / HTTP/1.1
Host: marc-abramowitz.com

HTTP/1.1 200 OK
Date: Fri, 21 Sep 2007 00:02:34 GMT
.........

Nothing magical.

The above process can be done with a program, of course. The one I am most familiar with is called corkscrew. With it you can do things like:

$ corkscrew proxy.foobar.com 3128 marc-abramowitz.com 80
GET / HTTP/1.1
Host: marc-abramowitz.com

HTTP/1.1 200 OK
Date: Wed, 28 Nov 2007 19:03:29 GMT
...

The corkscrew program is particularly useful with the ProxyCommand config directive in OpenSSH, as discussed in my post on using SSH through an HTTP proxy.
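The CONNECT handshake from the netcat session above, as an added Python example (not code from the original post or from corkscrew): a client that requests the tunnel and checks the proxy's status line, exercised against a constructed loopback stub. The stub, its port allow-list and the `SSH-2.0-stub` banner are assumptions made for the demonstration.

```python
import socket
import threading

def read_head(sock):
    """Read byte by byte up to the blank line, leaving tunnel data unread."""
    buf = b""
    while not buf.endswith(b"\r\n\r\n"):
        byte = sock.recv(1)
        if not byte:
            raise ConnectionError("peer closed before end of headers")
        buf += byte
    return buf.decode("latin-1").split("\r\n")

def connect_via_proxy(proxy_addr, host, port):
    """Client side: send CONNECT and return the tunnel socket on a 2xx reply."""
    s = socket.create_connection(proxy_addr, timeout=5)
    s.sendall(f"CONNECT {host}:{port} HTTP/1.0\r\n\r\n".encode("ascii"))
    try:
        status = read_head(s)[0]
        fields = status.split(" ", 2)
        if len(fields) < 2 or not fields[1].startswith("2"):
            raise ConnectionError(f"proxy refused tunnel: {status}")
    except Exception:
        s.close()
        raise
    return s

def stub_proxy(allowed_ports):
    """Constructed loopback stand-in for a proxy (hypothetical port policy)."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen()
    def serve():
        while True:
            conn, _ = srv.accept()
            with conn:
                try:
                    target = read_head(conn)[0].split(" ")[1]
                    allowed = int(target.rsplit(":", 1)[1]) in allowed_ports
                except (ConnectionError, IndexError, ValueError):
                    continue  # malformed request: drop the connection
                if allowed:
                    conn.sendall(b"HTTP/1.0 200 Connection established\r\n\r\n")
                    conn.sendall(b"SSH-2.0-stub\r\n")  # pretend upstream banner
                else:
                    conn.sendall(b"HTTP/1.0 403 Forbidden\r\n\r\n")
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()
```

A ProxyCommand helper such as corkscrew then relays stdin and stdout over the returned socket; a non-2xx status means the proxy never opened the tunnel, so nothing past the header block should be treated as data from the target host.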