X-Spam-Check-By: sourceware.org
Message-ID: <1162222665.45461c498fa8f@imp6-g19.free.fr>
Date: Mon, 30 Oct 2006 16:37:45 +0100
From: Teggy P Veerapen <tve DOT ml AT online DOT fr>
To: cygwin AT cygwin DOT com
Subject: Re: How to go through a company proxy with ssh ?
References: <1161879106 DOT 4540de42eeb55 AT imp6-g19 DOT free DOT fr> <c2888f8c0610261123y7d32e2dey14a235c381987126 AT mail DOT gmail DOT com>
In-Reply-To: <c2888f8c0610261123y7d32e2dey14a235c381987126@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
User-Agent: Internet Messaging Program (IMP) 3.2.5
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Yes indeed, I was going through port 80 instead of port 443 thinking that both
were processed in exactly the same way by the proxy. But when reading your
website, I understood my error.

Thanks for this small bit of information ... Small bit indeed but how useful it
has been :)

Cheers,

Teggy


Selon Robert McKay <robert AT mckay DOT com>:

> On 10/26/06, Teggy P Veerapen <tve DOT ml AT online DOT fr> wrote:
> > Hi,
> >
> > Thanks guys for all these informations ... In fact, I have tried both
> solutions
> > connect and corkscrew but I haven't been able to connect through the proxy
> with
> > neither utility. I am getting a forbidden message and if I turn debug
> option on
> > when using connect, I get something like that:
> >
> > ---8<---------------
> > ...
> > DEBUG: begin_http_relay()
> > DEBUG: >>> "CONNECT 82.231.204.246:80 HTTP/1.0rn"
> > DEBUG: >>> "rn"
> > DEBUG: <<< "HTTP/1.0 403 Forbiddenrn"
> > DEBUG: http proxy is not allowed.
> > FATAL: failed to begin relaying via HTTP.
> > ssh_exchange_identification: Connection closed by remote host
> > ---8<---------------
> >
> > I would presume that the proxy is somehow checking that http requests are
> going
> > through and all it's seeing is ssh requests. Does that seem plausible to
> you
> > that the proxy is indeed checking the request ?
> >
> > Or am I making a mistake when using the utility (configuration seems fairly
> > simple and straightforward to me) ?
> >
>
> While this is probably straying off-topic for the cygwin mailinglist..
>
> The forbidden error is likely because you are trying to connect to
> port 80 rather than port 443 (the https port). Try running sshd on
> port 443 instead (simply add another listen directive to your
> sshd_config file. Port 443 is often the only port you are allowed to
> 'CONNECT' to.
>
> I've actually developped a novel hack to use http proxies that doesn't
> use CONNECT but rather the standard GET and POST requests. It just
> uses two simultaneous http requests (one always GETing the other
> always POSTing).
>
> http://wari.mckay.com/~rm/proxy2ssh/
>
> You'll also see a simple CONNECT script there as well that uses nc.
> I've used both scripts under cygwin without difficulty.
>
> Regards,
>
> Robert.
>
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Problem reports:       http://cygwin.com/problems.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
>
>



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/