Tuesday, December 16, 2008

tunneling ssh through proxy server

I needed to create a secure SSH connection to my Fedora box at home. However, I am behind a proxy server at work and SSH doesn't have switches that allow it to get through a proxy. So in combination with ntlmaps and the corkscrew program, Open Source helped me do this in a quick and easy way.

Here's a sample .ssh/config file that works for corkscrew:
sodo@linux-z6tw:~> cat .ssh/config
ProxyCommand /usr/local/bin/corkscrew 0.0.0.0 5865 %h %p


Note the 0.0.0.0. This is because ntlmaps is listening on all ports:
sodo@linux-z6tw:~> NTLM authorization Proxy Server v0.9.9.0.1
Copyright (C) 2001-2004 by Dmitry Rozmanov and others.
Now listening at linux-z6tw on port 5865


sodo@linux-z6tw:~> netstat -na | grep "LISTEN "
tcp 0 0 0.0.0.0:5865 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN


Here is the corkscrew home page:
http://www.agroman.net/corkscrew/

Here is a great instruction set for corkscrew:
http://www.mtu.net/~engstrom/ssh-proxy.php
and here is a second link, just in case:
http://lindesk.com/2007/04/using-ssh-over-a-proxy

Now I am able to securely connect and grab files from my home PC. Yeah!
TAG
Feel free to drop me a line or ask me a question.