Tunneling question - How do you use corkscrew , ssh , and eg firefox ?
in [UK Linux]
|
Prev: VEHO VFS-001 Film Scanner
Next: M.I 5-Perse cution . Compa ring t he MI5 Persec ution wi th Ger man Fina l S olution
From: jameshanley39 on 25 Dec 2007 20:24 I am having some trouble trying to figure out how to get corkscrew working. I am using squid as http and https proxy. As a test, so 127.0.0.1:3128 (squid`s default port is 3128).. As I understand it, I should be able to set up any browser or ftp client or whatever, to tunnel through the squid HTTPS proxy, and I use corkscrew to do it. I have tried a few things though, without even getting as far as firefox, and it gets nowhere. usage: corkscrew <proxyhost> <proxyport> <desthost> <destport> [authfile] $ corkscrew 127.0.0.1 3128 sourceforge.net 443 ~/a.a I do not know what user/pass to put in the authfile, since HTTPs sites like sourceforge.net do not require one from the browser. I tried this in ssh_config ProxyCommand corkscrew 127.0.0.1 3128 %h %p ~/a.a then ssh sourceforge.net 443 and ssh sourceforge.net -p 443 but no luck I have no idea how to go about using corkscrew.
From: jameshanley39 on 27 Dec 2007 12:01 On Dec 27, 12:58 pm, Martin <mlbu...(a)btinternet.com> wrote: > On Tue, 25 Dec 2007 17:24:04 -0800, jameshanle...(a)yahoo.co.uk wrote: > > I am having some trouble trying to figure out how to get corkscrew > > working. > > > I am using squid as http and https proxy. As a test, so 127.0.0.1:3128 > > (squid`s default port is 3128).. > > > As I understand it, I should be able to set up any browser or ftp client > > or whatever, to tunnel through the squid HTTPS proxy, and I use > > corkscrew to do it. > > > I have tried a few things though, > > without even getting as far as firefox, and it gets nowhere. > > > usage: corkscrew <proxyhost> <proxyport> <desthost> <destport> > > [authfile] > > $ corkscrew 127.0.0.1 3128 sourceforge.net 443 ~/a.a > > > I do not know what user/pass to put in the authfile, since HTTPs sites > > like sourceforge.net do not require one from the browser. > > > I tried this in ssh_config > > ProxyCommand corkscrew 127.0.0.1 3128 %h %p ~/a.a > > > then ssh sourceforge.net 443 > > and ssh sourceforge.net -p 443 > > > but no luck > > > I have no idea how to go about using corkscrew. > > not sure if this web site helps as not had much to do with proxies > > http://wiki.linuxquestions.org/wiki/Corkscrewbut hey ho you never know > > -- > If its not broke must be Linux- I saw that. Corkscrew is to do with proxies. As the link says " A package available from http://www.agroman.net/corkscrew/ which allows you to tunnel your ssh connection through a http proxy in circumstances where SSH is blocked " Anyhow.. If anybody here has used corkscrew, they would know.
From: Andy Burns on 29 Dec 2007 06:03 On 27/12/2007 17:01, jameshanley39(a)yahoo.co.uk wrote: > Anyhow.. If anybody here has used corkscrew, they would know. I think your corkscrew server has to running on a publically accesible machine out on the internet on the far sde of the proxy you're trying to skirt round, not on your local machine. I use openVPN instead (over UDP where possible, but over https and through proxies where necessary)
From: jameshanley39 on 29 Dec 2007 13:21
On Dec 29, 11:03 am, Andy Burns <usenet.july2...(a)adslpipe.co.uk> wrote: > On 27/12/2007 17:01, jameshanle...(a)yahoo.co.uk wrote: > > > Anyhow.. If anybody here has used corkscrew, they would know. > > I think your corkscrew server has to running on a publically accesible > machine out on the internet on the far sde of the proxy you're trying to > skirt round, not on your local machine. > I got it working now, but nope, the servers can be local, really local(like, local to the computer) like 127/8 or local to the network, e.g. private ip(like 192.168..) , and any port. But practically speaking, it tends to be used in a Work and Home situation, where at work there is an HTTP proxy , local to the network, run by an administrator, who may be a BOFH. So they can Only connect to their HTTP Proxy IP : port. And that HTTP Proxy may have a blacklist of IPs, too, to block websites like Amazon. (if it has a whitelist i guess one is screwed). There were a few things I did not realise, and that caused me the problem.. $ corkscrew corkscrew 2.0 (agroman(a)agroman.net) usage: corkscrew <proxyhost> <proxyport> <desthost> <destport> [authfile] When it says desthost and destport, it refers to that of the SSH server. Authfile, which is optional, is only [required] if the HTTP proxy requires authentication, and [so] does not apply to me. The rest were clear from the instructions for Corkscrew.. Corkscrew is actually meant to be used via a line in ssh_config that reads ProxyCommand ... It seems to me that running Corkscrew from the command line does the same as telnetting(or nc - netcat ) directly to an SSH server. So ProxyCommand just SSHs it - making it usable! since one cannot communicate with an SSH server in plaintext. . I guess one then tunnels whatever through that SSH connection. Or rather, one creates the SSH connection with the options for tunneling, and tunnels through SSH, using SSH as one would do without corkscrew. (the ProxyCommand takes care of the corkscrew aspect). > I use openVPN instead (over UDP where possible, but over https and > through proxies where necessary) I meddled with stunnel(SSL), and am near completing my initial meddling with SSH. And then I will give OpenVPN a try..! I have heard good things about it, encrypts entire network connection, sounds interesting! (or rather, people talk about it and it is related to computers, so I have to know how it works / how to get it working / how to use it).!!!!!! |