Next: , Previous: Multi-hops, Up: Configuration

5.9 Passing firewalls

Sometimes, it is not possible to reach a remote host directly. A firewall might be in the way, which could be passed via a proxy server.

Both ssh and PuTTY support such proxy settings, using an HTTP tunnel via the CONNECT command (conforming to RFC 2616, 2817 specifications). Proxy servers using HTTP 1.1 or later protocol support this command.

5.9.1 Tunneling with ssh

With ssh, you could use the ProxyCommand entry in the ~/.ssh/config:

     Host host.other.domain
          ProxyCommand nc -X connect -x proxy.your.domain:3128 %h %p

nc is BSD's netcat program, which establishes HTTP tunnels. Any other program with such a feature could be used as well.

In the example, opening /ssh:host.your.domain: passes the HTTP proxy server ‘proxy.your.domain’ on port 3128.

5.9.2 Tunneling with PuTTY

PuTTY does not need an external program, HTTP tunnel support is built-in. In the PuTTY config program, create a session for ‘host.your.domain’. In the Connection/Data entry, select the HTTP option, and add ‘proxy.your.domain’ as Proxy hostname, and 3128 as Port.

Opening /plinkx:host.your.domain: passes the HTTP proxy server ‘proxy.your.domain’ on port 3128.