eel3# ssh

mjohnson@home

eel3# ./connect-tunnel.pl --proxy webproxy.mycorp.com:8080 --tunnel 2222:home:22 &

eel3# ssh mjohnson@home -p 2222

mjohnson@home's password:

Last login: Thu Mar 23 11:38:37 2006 from mycorpproxy

[mjohnson@home mjohnson]$ hostname

home

So lets have some fun and breaking out of the corporate network! First determine what your proxy server address is. If your internet is working currently, just go to IE’s internet options and take note of your proxy settings. Actually if you didn’t know how to do this already you might want to stop here.For starters lets just try to access my Unix box at home without any proxy information.This just hangs since it can’t get out of the network. FYI: I added the ip address of my home system to the hosts file of the server im on.So now lets take a look at a nice program from Philippe "BooK" Bruhat E (book at cpan.org) called connect-tunnel. Connect tunnel takes advantage of the HTTP connect command which most proxy administrators allow. It acts as a simple port forwarder. So lets give it a try to access my home system again!Kickoff connect-tunnel in the backgroud.Now lets attempt to ssh to port 2222. This should forward to port 22 on my home server.Bingo we’re through the proxy with any port we need in this case to my home server. Its important to note if the site or server you are attempting to go to is usually blocked by the content filters then you won’t be able to connect to it. Using ssh to a server of your own we can get around that though!If your running windows this is much easier with putty. Recent versions of putty come with an option to use proxy servers. This replaces the steps where connect tunnel is used. I want to be able to script all this stuff though, not just get outside the network to surf the web.Lets focus on the surfing the web though since thats probably what most people are looking for. At this point its easy. We just setup a proxy server of our own such as squid on the home pc. The n open up a tunnel via ssh when we ssh to the home server for the proxy server as well. After that its just pointing whatever you want to use the proxy server port locally defined on your machine.So we end up with a connect-tunnel going through the proxy server. Then a number of other tunnels for the services you want going over ssh!