On Tue, 11 Feb 2003, Newton, Philip wrote:

> Well, since you can't proxy HTTPS, you can, kind of -- once you tell the
> proxy "CONNECT remote.host 443", it'll pass through data transparently and
> is presumably none the wiser whether that data is actually HTTP-over-SSL or
> AIM or eDonkey2K or whatever.
>
> However, it only allows CONNECT to a remote port of 443.
>
> Not sure if that's what you meant by cheating. (I *did* try "CONNECT
> remote.host 22", and a couple of other ports... not recently, granted, but I
> doubt they've become more lenient since then.)

They might allow other 'common' web ports, such as 8000 and 8080 on other
servers, maybe give that a go.  If they do, you can run your own sshd on
any machine you happen to have non-root access to.  I finally killed my
'spare' telnetd on port 443 the other week - given that most toyboxes
don't run https services, if you know anyone with a toybox better than you
know me, they can probably be persuaded to set such a thing up on 443.  An
'interesting' thought is that I know there are a few Java ssh clients,
it's quite possible that someone has added the appropriate twiddles to
that to allow proxying, or you could possibly even modify the main ssh
source, either as a quick hack, or as a proper, sharable patch that might
be merged into the main distrib.


the hatter
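
An added example, not part of the original message: the thread notes that a proxy which only checks the CONNECT port cannot tell what is carried inside the tunnel. This shows, from the proxy operator's side, the port allow-list plus a check of the client's first tunnelled bytes. All names (`ALLOWED_PORTS`, `parse_connect`, `classify_first_bytes`, `evaluate`) and the sample bytes are constructed for illustration; the request line uses the standard `host:port` form.

```python
import re

ALLOWED_PORTS = {443}  # assumption: the 443-only policy described in the thread

# CONNECT request line as sent to an HTTP proxy: "CONNECT host:port HTTP/1.x"
CONNECT_RE = re.compile(rb"^CONNECT ([^\s:]+):(\d{1,5}) HTTP/1\.[01]\r\n")


def parse_connect(request: bytes):
    """Return (host, port) from a CONNECT request, or None if malformed."""
    m = CONNECT_RE.match(request)
    if not m:
        return None
    port = int(m.group(2))
    if not 0 < port < 65536:
        return None
    return m.group(1).decode("ascii", "replace"), port


def classify_first_bytes(data: bytes) -> str:
    """Classify the first bytes the client sends inside the tunnel."""
    if data.startswith(b"SSH-"):
        return "ssh"  # SSH identification string, e.g. "SSH-2.0-..."
    # TLS record header: type 0x16 (handshake), major version 0x03,
    # two version/length bytes, then handshake type 0x01 (ClientHello).
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01:
        return "tls"
    return "unknown"


def evaluate(request: bytes, first_bytes: bytes) -> str:
    """Port check first, then payload check on an allowed port."""
    target = parse_connect(request)
    if target is None:
        return "deny: malformed CONNECT"
    _host, port = target
    if port not in ALLOWED_PORTS:
        return f"deny: port {port} not allowed"
    kind = classify_first_bytes(first_bytes)
    if kind != "tls":
        return f"flag: {kind} payload on port {port}"
    return "allow"


# Constructed sample inputs (not captured traffic).
REQ_443 = b"CONNECT remote.host:443 HTTP/1.1\r\nHost: remote.host:443\r\n\r\n"
REQ_22 = b"CONNECT remote.host:22 HTTP/1.1\r\nHost: remote.host:22\r\n\r\n"
TLS_HELLO = bytes([0x16, 0x03, 0x01, 0x00, 0x2F, 0x01, 0x00, 0x00, 0x2B])
SSH_BANNER = b"SSH-2.0-example\r\n"
```

A port-only policy stops at the second check in `evaluate`; the payload classification is what distinguishes a TLS handshake from another protocol sent to port 443.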


