Tjyylli

Why is Agricola named as such?

A starship is travelling at 0.9c and collides with a small rock. Will it leave a clean hole through, or will more happen?

How can my powered armor quickly replace its ceramic plates?

Can we harness gravitational potential energy?

What are the exceptions to Natural Selection?

Can you tell from a blurry photo if focus was too close or too far?

Non-Cancer terminal illness that can affect young (age 10-13) girls?

It took me a lot of time to make this, pls like. (YouTube Comments #1)

How do you funnel food off a cutting board?

Why don't hotels mount air conditioning units outside the rooms?

What is the purpose of easy combat scenarios that don't need resource expenditure?

Do theoretical physics suggest that gravity is the exchange of gravitons or deformation/bending of spacetime?

Play Zip, Zap, Zop

How can I get my players to come to the game session after agreeing to a date?

Why would space fleets be aligned?

Why did the villain in the first Men in Black movie care about Earth's Cockroaches?

How can I play a serial killer in a party of good PCs?

Citing paywalled articles accessed via illegal web sharing

How old is the day of 24 equal hours?

Consequences of lack of rigour

In Linux what happens if 1000 files in a directory are moved to another location while another 300 files were added to the source directory?

Numbers with a minus sign in a matrix not aligned with the numbers without minus sign

Is boss over stepping boundary/micromanaging?

Has any human ever had the choice to leave Earth permanently?

Bypassing workplace HTTP proxy (using SSH, or other)

SSH to Cygwin is slow to respondSSH passwordless authentication failureServer connection closed by remote hostSSH 'Host key verification failed' errorSSH error ssh_exchange_identification: read: Connection reset by peerDid I just send my private ssh key?unable to ssh after generated public and private keys in windows 7Unable to connect to SSH after generated public key and private keyTunneling ssh through draconic http proxyRsync via SSH doesn't work

0

1. The workplace proxy (from here workproxy) is on port 8080; it requires NTLM authentication. I've been able to achieve this using NTLMAPS. I've tested NTLMAPS using all of my browsers, and the manual NTLM authentication works fine. The proxy seems to allow some HTTPS (port 443) connections, as I'm able to bank within the country, but not with a foreign bank.




2. I've setup a home machine (let's call it homesvr), also Windows, to run an SSH server on port 443, everything with regards to the SSH server works. (I'm running it on Cygwin).




3. On the work machine I have Cygwin, and I'm attempting to SSH to homesvr using the following settings --

~/.SSH/config:

Host *

ProxyCommand corkscrew localhost 5865 %h %p /home/WinUser/.SSH/home.auth

~/.SSH/home.auth:

HomeWinUser:HomeWinPass

SSH -v homesvr -p 443 output is ...

OpenSSH_5.8p1, OpenSSL 0.9.8r 8 Feb 2011

debug1: Reading configuration data /home/WinUser/.ssh/config

debug1: Applying options for *

debug1: Reading configuration data /etc/ssh_config

debug1: Executing proxy command: exec corkscrew 127.0.0.1 5865 homesvr 443 /home/WinUser/.ssh/home.auth

debug1: permanently_drop_suid: 400

debug1: identity file /home/uidb5693/.ssh/id_rsa type -1

debug1: identity file /home/uidb5693/.ssh/id_rsa-cert type -1

debug1: identity file /home/uidb5693/.ssh/id_dsa type -1

debug1: identity file /home/uidb5693/.ssh/id_dsa-cert type -1

debug1: identity file /home/uidb5693/.ssh/id_ecdsa type -1

debug1: identity file /home/uidb5693/.ssh/id_ecdsa-cert type -1

pause

ssh_exchange_identification: Connection closed by remote host

It seems as though the connection is established, but it is not authenticating properly with homesvr and hence timing out on login. Removing the home.auth file from .ssh/config results in the same behavior.

This has frustrated me for nearly a week. Any advice is highly appreciated.

ssh http https sshd http-proxy

share|improve this question

edited May 10 '11 at 13:54

user80096

asked May 6 '11 at 19:07

user80096user80096

13

bumped to the homepage by Community♦ 4 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Assuming it doesn't require authentication because you don't get prompted probably isn't a good idea. If you are on a domain at work your browser could be silently passing your NTLM credentials.
  
  – Zoredache
  May 6 '11 at 19:32
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  It seems as though you are absolutely right about the NTLM credentials being passed to the workproxy. I've successfully used ntlmaps to authenticate "manually", by running a local proxy (ntlmaps) and passing it my correct plain text credentials. Now instead of receiving the Proxy Authorization Required error, the terminal hangs on the debug message right before that and doesn't give me any chance to enter my password on the SSH server. It seems as though I've done the hard part, I've bypassed the proxy and connected, now I just need to forward the output
  
  – user80096
  May 6 '11 at 20:15
  

  
  
  
  


• 
  
  
  

  
  3
  

  
  
  
  
  
  

  
  
  Standard disclaimer: you're responsible for the consequences if you get in trouble with your IT department or management for trying to bypass their proxy.
  
  – nhinkle♦
  May 7 '11 at 19:01
  

  
  
  
  

add a comment | 

0

1. The workplace proxy (from here workproxy) is on port 8080; it requires NTLM authentication. I've been able to achieve this using NTLMAPS. I've tested NTLMAPS using all of my browsers, and the manual NTLM authentication works fine. The proxy seems to allow some HTTPS (port 443) connections, as I'm able to bank within the country, but not with a foreign bank.




2. I've setup a home machine (let's call it homesvr), also Windows, to run an SSH server on port 443, everything with regards to the SSH server works. (I'm running it on Cygwin).




3. On the work machine I have Cygwin, and I'm attempting to SSH to homesvr using the following settings --

~/.SSH/config:

Host *

ProxyCommand corkscrew localhost 5865 %h %p /home/WinUser/.SSH/home.auth

~/.SSH/home.auth:

HomeWinUser:HomeWinPass

SSH -v homesvr -p 443 output is ...

OpenSSH_5.8p1, OpenSSL 0.9.8r 8 Feb 2011

debug1: Reading configuration data /home/WinUser/.ssh/config

debug1: Applying options for *

debug1: Reading configuration data /etc/ssh_config

debug1: Executing proxy command: exec corkscrew 127.0.0.1 5865 homesvr 443 /home/WinUser/.ssh/home.auth

debug1: permanently_drop_suid: 400

debug1: identity file /home/uidb5693/.ssh/id_rsa type -1

debug1: identity file /home/uidb5693/.ssh/id_rsa-cert type -1

debug1: identity file /home/uidb5693/.ssh/id_dsa type -1

debug1: identity file /home/uidb5693/.ssh/id_dsa-cert type -1

debug1: identity file /home/uidb5693/.ssh/id_ecdsa type -1

debug1: identity file /home/uidb5693/.ssh/id_ecdsa-cert type -1

pause

ssh_exchange_identification: Connection closed by remote host

It seems as though the connection is established, but it is not authenticating properly with homesvr and hence timing out on login. Removing the home.auth file from .ssh/config results in the same behavior.

This has frustrated me for nearly a week. Any advice is highly appreciated.

ssh http https sshd http-proxy

share|improve this question

edited May 10 '11 at 13:54

user80096

asked May 6 '11 at 19:07

user80096user80096

13

bumped to the homepage by Community♦ 4 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Assuming it doesn't require authentication because you don't get prompted probably isn't a good idea. If you are on a domain at work your browser could be silently passing your NTLM credentials.
  
  – Zoredache
  May 6 '11 at 19:32
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  It seems as though you are absolutely right about the NTLM credentials being passed to the workproxy. I've successfully used ntlmaps to authenticate "manually", by running a local proxy (ntlmaps) and passing it my correct plain text credentials. Now instead of receiving the Proxy Authorization Required error, the terminal hangs on the debug message right before that and doesn't give me any chance to enter my password on the SSH server. It seems as though I've done the hard part, I've bypassed the proxy and connected, now I just need to forward the output
  
  – user80096
  May 6 '11 at 20:15
  

  
  
  
  


• 
  
  
  

  
  3
  

  
  
  
  
  
  

  
  
  Standard disclaimer: you're responsible for the consequences if you get in trouble with your IT department or management for trying to bypass their proxy.
  
  – nhinkle♦
  May 7 '11 at 19:01
  

  
  
  
  

add a comment | 

1. The workplace proxy (from here workproxy) is on port 8080; it requires NTLM authentication. I've been able to achieve this using NTLMAPS. I've tested NTLMAPS using all of my browsers, and the manual NTLM authentication works fine. The proxy seems to allow some HTTPS (port 443) connections, as I'm able to bank within the country, but not with a foreign bank.




2. I've setup a home machine (let's call it homesvr), also Windows, to run an SSH server on port 443, everything with regards to the SSH server works. (I'm running it on Cygwin).




3. On the work machine I have Cygwin, and I'm attempting to SSH to homesvr using the following settings --

~/.SSH/config:

Host *

ProxyCommand corkscrew localhost 5865 %h %p /home/WinUser/.SSH/home.auth

~/.SSH/home.auth:

HomeWinUser:HomeWinPass

SSH -v homesvr -p 443 output is ...

OpenSSH_5.8p1, OpenSSL 0.9.8r 8 Feb 2011

debug1: Reading configuration data /home/WinUser/.ssh/config

debug1: Applying options for *

debug1: Reading configuration data /etc/ssh_config

debug1: Executing proxy command: exec corkscrew 127.0.0.1 5865 homesvr 443 /home/WinUser/.ssh/home.auth

debug1: permanently_drop_suid: 400

debug1: identity file /home/uidb5693/.ssh/id_rsa type -1

debug1: identity file /home/uidb5693/.ssh/id_rsa-cert type -1

debug1: identity file /home/uidb5693/.ssh/id_dsa type -1

debug1: identity file /home/uidb5693/.ssh/id_dsa-cert type -1

debug1: identity file /home/uidb5693/.ssh/id_ecdsa type -1

debug1: identity file /home/uidb5693/.ssh/id_ecdsa-cert type -1

pause

ssh_exchange_identification: Connection closed by remote host

It seems as though the connection is established, but it is not authenticating properly with homesvr and hence timing out on login. Removing the home.auth file from .ssh/config results in the same behavior.

This has frustrated me for nearly a week. Any advice is highly appreciated.

ssh http https sshd http-proxy

share|improve this question

edited May 10 '11 at 13:54

user80096

asked May 6 '11 at 19:07

user80096user80096

13

share|improve this question

edited May 10 '11 at 13:54

user80096

asked May 6 '11 at 19:07

user80096user80096

13

share|improve this question

edited May 10 '11 at 13:54

user80096

asked May 6 '11 at 19:07

user80096user80096

13

asked May 6 '11 at 19:07

user80096user80096

13

asked May 6 '11 at 19:07

user80096user80096

13

1 Answer
1

active

oldest

votes

0

you should try openvpn at homesrv then connect through it

share|improve this answer

edited May 6 '11 at 22:10

studiohack♦

11.3k1880114

answered May 6 '11 at 21:07

FrankFrank

1

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f280209%2fbypassing-workplace-http-proxy-using-ssh-or-other%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

0

you should try openvpn at homesrv then connect through it

share|improve this answer

edited May 6 '11 at 22:10

studiohack♦

11.3k1880114

answered May 6 '11 at 21:07

FrankFrank

1

add a comment | 

0

you should try openvpn at homesrv then connect through it

share|improve this answer

edited May 6 '11 at 22:10

studiohack♦

11.3k1880114

answered May 6 '11 at 21:07

FrankFrank

1

add a comment | 

you should try openvpn at homesrv then connect through it

share|improve this answer

edited May 6 '11 at 22:10

studiohack♦

11.3k1880114

answered May 6 '11 at 21:07

FrankFrank

1

share|improve this answer

edited May 6 '11 at 22:10

studiohack♦

11.3k1880114

answered May 6 '11 at 21:07

FrankFrank

1

edited May 6 '11 at 22:10

studiohack♦

11.3k1880114

edited May 6 '11 at 22:10

studiohack♦

11.3k1880114

answered May 6 '11 at 21:07

FrankFrank

1

answered May 6 '11 at 21:07

FrankFrank

1