# I feel so disconnected... (ssh via http proxy)

## metalhedd

Does anyone know of a way that I can ssh to my home machine while im at work.  we use an http proxy.  I'm not sure what other restrictions are nset up, its probably pretty tight security since i work for a lottery corporation.. Anyway I'm sitting at a lousy NT4 machine and I can't get to MY Computer!  I'm willing to hear any realistic options that don't involve making changes to the firewall/proxy itself (Since i don't think i'll be able to convince security to open up a hole for me  :Smile: 

----------

## lamer

is an ssh java applet. Run it from a webserver at your house. or  you could spawn an sshd on port 80 at home.

----------

## phaze3k

A Java applet really isn't going to help anyone who only has access via a web proxy, and neither is running sshd on port 80.

You might want to try Desproxy at http://desproxy.sourceforge.net/ although there are a few similar programs about that could also be worth a look.

----------

## biffhardwell

Yes, it's possible. Go to CPAN and get http://www.cpan.org/authors/id/T/TE/TECHNIK/tunnel-auth-03.pl

This supports tunneling arbitrary protocols over HTTPS through a proxy server, even if it requires authentication.

This was very cool for me: I was sitting behind a very restrictive firewall at a gig at a bank. It encrypted everything through SSL, it spoofed the authentication headers to look like the bank's normal browser (so the security guys would notice absolutely nothing unusual in their logs, although it's doubtful the slackers even looked...), and it sent everything through HTTPS so it looked like normal browser traffic.

Requirements are:

perl on your nt machine (could do activestate, or for a *very* lightweight distro, try indigo, which requires no install and could run from a cd you burn, leaving no trace...)

sshd on the server you're connecting to listening on a port your firewall will allow you to talk to; for me, the obvious choice was to have sshd listen on port 443 so it looked like an HTTPS connection.

putty or the like for the ssh part. if you want traceless running, stick this on the cd with perl...

Hope this helps.

Oh, btw, I at first had problems getting the authentication right. I eventually resorted to just telnetting to the proxy server and feeding it requests, looking at the responses and figuring out what it wanted. I had to tweak the script just a snizz to make the proxy like me. That's purely proxy-dependent; the script should work for the majority of proxies out there.

p.s. I now use a vastly better solution: I go grab a latte at the Starbucks downstairs and use their tmobile 802.11 wireless net from my laptop running a *real* operating system... much less klunky.

----------

