How to tunneling SSH through HTTP proxies

My workplace uses a HTTP proxy. When I want to SSH into my VPS is always failed because it was blocked. Therefore, I use Corkscrew.

What is Corkscrew?

Corkscrew is a program enables the user to tunnel arbitrary TCP connections through most HTTP and HTTPS proxy servers. Combined with features of SSH such as port forwarding, this can allow many types of services to be run securely over the SSH via HTTP connections.

How to Install Corkscrew?

I’m using Ubuntu here, so here’s what I do to install corkscrew:

sudo apt-get install corkscrew

Next, use your favorite text editor to create or edit SSH config file at your home directory. I’m using vim here.

vim ~/.ssh/config

Add these lines, adjust the value of proxyhostname and proxyport according to your network.

Host *
ProxyCommand corkscrew proxyhostname proxyport %h %p

Save the file and exit from the text editor. [Press ESC, then type :wq]

…to be continued

What if my HTTP proxy uses authentication?

If we need to enter username and password each time we’re using HTTP proxy, then we must tell corkscrew about the username and password, by creating .corkscrew-auth file on our home directory.

vim ~/.corkscrew-auth

Insert this line, and don’t forget to change the value of username and password.

username:password

And also edit the SSH config file that we have just created before. You need to change the bold section into the location of your .corkscrew-auth file.

Host *
ProxyCommand corkscrew proxyhostname proxyport %h %p /home/wks-401/.corkscrew-auth

That’s it. Now each time you’re opening ssh connection, corkscrew will make it go through your HTTP proxy.

ssh target_ip_or_host

What if I don’t wanna edit my SSH config file?

No worries. You can always run corkscrew with this command:

corkscrew  proxy  proxyport  targethost  targetport  [ authfile ]
  • proxy – This is the name of the host running the HTTP proxy.
  • proxyport – This is the port on which to connect on the proxy.
  • target – This is the host to reach through the proxy.
  • targetport – This is the port to connect to on the target host.
  • [ authfile ] – This is the location of your .corkscrew-auth file