SSH over HTTP proxy

This is a fun little trick I learned while traveling this weekend. When I’m not on my home network, I often use ssh -D to dynamically forward all of my traffic via SOCKS proxy to a remote server. This weekend though, I found myself trapped in a network with only an HTTP proxy to access the internet, so I couldn’t even check my email via HTTPS. The solution was to use connect.c to relay SSH through the HTTP proxy. I temporarily added two lines to my SSH config that proxied all host connections through the HTTP proxy.


Host *
ProxyCommand connect -H xxx.xx.xxx.x:80 %h %p

Then I set up my SSH SOCKS proxy as usual.


ssh -ND 8822 eliot@example.org

I used connect.c, but a friend had success with corkscrew.

2 Responses to “SSH over HTTP proxy”

  1. thejam says:

    corkscrew rules, fwiw

  2. Johan says:

    I’m not a fan of corcksrew as I find it limiting and this connect.c looks okay but more of the same. Ever since I found it I’ve used a home Apache site and the client command proxytunnel to run my SSH ‘properly’ wrapped in real HTTPS traffic:

    [broken link]

    Bit more involved, but works even if full packet inspection is performed, which is one of the problems with connect.c and corkscrew.

Leave a Reply