Menu
I have no real idea what I'm doing here so please bear that in mind if you can help me!
I am trying to connect to my virtual server through a proxy but I can't connect, it just hangs. I'm assuming this is because it's not getting through our proxy.
I have tried exactly the same thing at home and it works perfectly. I'm on OSX using Terminal to connect.
Can anyone advise me how I can get through the proxy with SSH?
410
You need an SSH client that can issue CONNECT requests through the company HTTP proxy. If you're on Windows, using Putty is fine as it has built-in support for tunneling through a HTTP proxy. If you're on unix/linux (or cywgin) you can use openssh with corkscrew to go through the proxy to your home computer's port 443.
The "ProxyCommand" ssh directive allows you to connect to a computer behind a gateway machine without explicitly logging in to the gateway machine. You can use this directive to login to Astro cluster nodes from your laptop or desktop or to login to a BNL campus node from an Astro cluster node.
A special case of the forward TCP tunnels is the Socks proxy capability. Using these options, the SSH client listens on a specified binding port and acts as a SOCKS 4 or 5 proxy server. Note that we don't even need to specify the destination host and port for the forwarding in this case.
Here's how to do Richard Christensen's answer as a one-liner, no file editing required (replace capitalized with your own settings, PROXYPORT is frequently 80):
ssh USER@FINAL_DEST -o "ProxyCommand=nc -X connect -x PROXYHOST:PROXYPORT %h %p"
You can use the same -o ... option for scp as well, see my superuser answer.
If you get this in OS X:
nc: invalid option -- X
Try `nc --help' for more information.
it may be that you're accidentally using the homebrew version of netcat (you can see by doing a which -a nc command--/usr/bin/nc should be listed first). If there are two then one workaround is to specify the full path to the nc you want, like ProxyCommand=/usr/bin/nc ...
For CentOS nc has the same problem of invalid option --X. connect-proxy is an alternative, easy to install using yum and works --
ssh -o ProxyCommand="connect-proxy -S PROXYHOST:PROXYPORT %h %p" USER@FINAL_DEST
If your SSH proxy connection is going to be used often, you don't have to pass them as parameters each time. you can add the following lines to ~/.ssh/config
Host foobar.example.com
ProxyCommand nc -X connect -x proxyhost:proxyport %h %p
ServerAliveInterval 10
then to connect use
ssh foobar.example.com
Source here
38
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
