Ssh through an autheniticating proxy

Posted on 2000-05-05
Last Modified: 2013-11-18

I am trying to establish an Ssh connection to an external host from behind a rather restrictive proxy.  The proxy only allows port 80 and 443, and I must authenticate (username & password) before it lets me through.

I think I solved the port problem, I reconfigured the remote host's SSHD to listen on 443.

The problem is (I think): how to I authenticate through the proxy?

I am using Tera Term Pro (TTP) with the Ssh extension.  TTP does not seem to offer an facility for dealing with this barrier.

Does anyone know how to make TTP work, or know of some other free software I can use?  Whatever the solution, it needs to have Ssh forwarding support.

Thanks in advance,
Question by:cubedweller
  • 2
  • 2
LVL 40

Expert Comment

ID: 2784124
I don't think you'll be able to do that because the proxy is going to require that you authenticate using http protocol. Also, once authenticated the proxy will only be sending and expecting SSL encrypted http protocol data. In other words, you can't tunnel some other protocol stream (like ssh) through a proxy. If it were a simple firewall that restricted traffic to those ports you could tunnel ssh trough on 443.

Author Comment

ID: 2784185
Can I tunnel the entire session through HTTP packets?  I know I have seen tools to do this, but I can't remember where or how to implement them.

LVL 40

Expert Comment

ID: 2784414
I know that tunnels like that do exist for some things, I don't know if there's one for SSH. I've done a bit of web searching, but all I see related to this is people talking about adding plug-ins to proxy servers to allow ssh tunneling. I don't see anything that suggests that there's an ssh client/server that can directly tunnel through an unmodified proxy server. Maybe you'll have better luck in a web search.

Accepted Solution

rtheriot earned 150 total points
ID: 2794804
This kind of works around you problem,
but there is an implementation of ssh, written i believe in java, called mindterm.

you could literally load up a page with the mindterm applet running on the machine you want to connect to, and tell mindterm to connect to the local host.



Author Comment

ID: 2834680

Thanks for the answer.  I installed the software, and it is very cool, but unfortunately doesn't work in my environment.  I'm really not sure why I can't get it to work, but I am told that soon our proxy will no longer require authentication.  This will hopefully render the entire issue moot.

Thanks anyway,

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
In this article you will learn how to create a free basic website on Bitbucket, a git service provider. Polymer creates dynamic HTML components, which allow more flexibility than static HTML. This tutorial uses Ubuntu Linux but can also be done on W…
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…

827 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question