Re: SSH-client that suppports http-proxies AND dynamic tunnels?

From: Darren Tucker (dtucker@dodgy.net.au)
Date: 01/28/03

• Next message: Nico Kadel-Garcia: "Re: OpenSSH3.5p1 vs. Commercial SSH 3.2"
• Previous message: ftbee: "Re: ssh compatability issues"
• In reply to: Richard E. Silverman: "Re: SSH-client that suppports http-proxies AND dynamic tunnels?"
• Next in thread: Martin Forssen: "Re: SSH-client that suppports http-proxies AND dynamic tunnels?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: dtucker@dodgy.net.au (Darren Tucker)
Date: Tue, 28 Jan 2003 14:01:34 GMT

In article <m1ly955csy3.fsf@syrinx.oankali.net>,
Richard E. Silverman <slade@shore.net> wrote:
>
>What do you mean by "support for HTTP proxies?" No special support is
>needed -- if you forward a local port to a remote proxy and point your
>browser at the forwarded port as its proxy, it will work...

"Support for the ssh client making its connections via HTTP CONNECT"?

OpenSSH's ssh can use something like "connect"
(http://www.taiyo.co.jp/~gotoh/ssh/connect.html) as a ProxyCommand.
"connect" can use TCP, SOCKS or HTTP CONNECT to make the connection.
ssh can then run a dynamic port forward (-D) over that connection.

Assuming you're running some socksified app over that, you end up with:

App-(SOCKS)->ssh-(HTTP CONNECT)->proxy-(TCP 22)->sshd->App Server.

You have the SSH protocol between ssh and sshd, but instead of being
a single TCP connection on port 22, it's a connection to the proxy
on port 80/8080/3128, which issues a CONNECT to the ssh server on port
22. The dynamic port forwarding happens via the SSH protocol over that
channel.

Wow, this is getting more confusing the more I write, so I'll stop now.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

• Next message: Nico Kadel-Garcia: "Re: OpenSSH3.5p1 vs. Commercial SSH 3.2"
• Previous message: ftbee: "Re: ssh compatability issues"
• In reply to: Richard E. Silverman: "Re: SSH-client that suppports http-proxies AND dynamic tunnels?"
• Next in thread: Martin Forssen: "Re: SSH-client that suppports http-proxies AND dynamic tunnels?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages UPDATE: Re: Question regarding SSH via Lantronix SCS100 ... to do SSH and to authenticate the SSH connection with a local ... unexpectedly closed connection'. ... CONSOLE or AUX port on the router, or does it matter, and what ... (comp.dcom.sys.cisco) Re: SSH options re: NAT ... No, SSH is two-fold, a call to it on the client side results in a call ... port, meaning that any connections that come into that port are answered ... programming practice for daemons) Once the connection is established, ... don't want to execute a command on the remote side and you use -N. ... (comp.security.ssh) Re: OpenSSH remote port forwarding ... use an outgoing SSH connection from here to the Internet... ... Incoming SSH it is possible and it is working. ... > I read many docs on the OpenSSH port forwarding, ... > (this command should open an ssh connection to public-machine and there, ... (comp.security.ssh) Re: SFTP ... > avoid port transient net devices dropping port 22 ... Port 21 is allocated for FTP, not SSH. ... SSH connection. ... Do not get it mixed up with FTPS. ... (SSH) Re: SSH tunneling/port forwarding and stateful packet inspection ... > have reconfigured SSH to run over port 443 the trace shows it as SSL ... Your packet trace identifies the TCP connection as ... (comp.security.ssh)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint