Proxies serve as intermediary hosts, allowing you to route connections through them to access different hosts. With an SSH tunnel through a proxy, you can reach hosts within private networks or behind a NAT, bypassing the need for complicated VPN setups.
OpenSSH's client supports connections via SOCKS and HTTPS proxies. To establish a proxied connection, you'll need the ProxyCommand option and third-party tools like nc or netcat.
Steps to connect to SSH server via SOCKS or HTTPS proxy:
- Set up a SOCKS or HTTPS proxy if you don't already have one.
Related: How to create an SSH SOCKS proxy
Related: How to create SOCKS proxy on Windows - Check if the SOCKS or HTTPS proxy is reachable from the SSH client's host (optional).
$ nc -zv 127.0.0.1 2222 Connection to 127.0.0.1 2222 port [tcp/*] succeeded!
-v Produce more verbose output. -z Only scan for listening daemons, without sending any data to them. Cannot be used together with -l.
- Use ProxyCommand as an option for the SSH client.
$ ssh -o ProxyCommand='nc -X4 -x 127.0.0.1:2222 %h %p' remoteuser@remotehost
-X proxy_protocol Use proxy_protocol when talking to the proxy server. Supported protocols are 4 (SOCKS v.4), 5 (SOCKS v.5) and connect (HTTPS proxy). If the protocol is not specified, SOCKS version 5 is used. -x proxy_address[:port] Connect to destination using a proxy at proxy_address and port. If port is not specified, the well-known port for the proxy pro‐ tocol is used (1080 for SOCKS, 3128 for HTTPS). An IPv6 address can be specified unambiguously by enclosing proxy_address in square brackets. A proxy cannot be used with any of the options -lsuU.
- Add ProxyCommand to SSH client configuration file to persist the option.
$ cat .ssh/config Host remotehost hostname 192.168.1.10 user remoteuser ProxyCommand nc -X4 -x 127.0.0.1:2222 %h %p
- Connect again using the SSH client with just the Host name as parameter.
$ ssh remotehost
Author: Mohd
Shakir Zakaria
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
Discuss the article:
Comment anonymously. Login not required.