mirror of
https://github.com/proxytunnel/proxytunnel.git
synced 2026-01-23 10:36:13 +00:00
No description
c0cdf16eeb
git-svn-id: https://proxytunnel.svn.sourceforge.net/svnroot/proxytunnel/trunk/proxytunnel@86 bc163920-b10d-0410-b2c5-a5491ca2ceef |
||
|---|---|---|
| contrib | ||
| debian | ||
| _copyright.inc | ||
| base64.c | ||
| base64.h | ||
| basicauth.c | ||
| basicauth.h | ||
| CHANGES | ||
| cmdline.c | ||
| cmdline.h | ||
| config.h | ||
| CREDITS | ||
| global.h | ||
| http.c | ||
| io.c | ||
| io.h | ||
| LICENSE.txt | ||
| Makefile | ||
| Makefile.cygwin | ||
| Makefile.darwin | ||
| Makefile.no-gcc | ||
| Makefile.no-gnu-getopts | ||
| Makefile.solaris | ||
| messages.c | ||
| ntlm.c | ||
| ntlm.h | ||
| proxytunnel.c | ||
| proxytunnel.h | ||
| README | ||
----------- proxytunnel ----------- Author: Jos Visser <josv@osp.nl>, Mark Janssen <maniac@maniac.nl> Date: Mon Aug 15 12:15:00 CEST 2005 Version: 1.5.0 Hi all, This is proxytunnel, a program that connects stdin and stdout to an origin server somewhere in the Internet through an industry standard HTTPS proxy. I originally wrote this program to be used as an extension to SSH, to be able to SSH to my box at home. In this file, I will describe the use with SSH. If you want to use it with some other application, feel free, and let me know! Usage: Proxytunnel is very easy to use, when running proxytunnel with the help option it specifies it's command-line options. $ ./proxytunnel --help Proxytunnel 1.5.1 Copyright 2001-2005 Proxytunnel Project Jos Visser (Muppet) <josv@osp.nl>, Mark Janssen (Maniac) <maniac@maniac.nl> Purpose: Build generic tunnels trough HTTPS proxy's, supports HTTP authorization Usage: Proxytunnel [OPTIONS]... -h --help Print help and exit -V --version Print version and exit -i --inetd Run from inetd (default=off) -a INT --standalone=INT Run as standalone daemon on specified port -g STRING --proxyhost=STRING HTTPS Proxy host to connect to -G INT --proxyport=INT HTTPS Proxy portnumber to connect to -d STRING --desthost=STRING Destination host to built the tunnel to -D INT --destport=INT Destination portnumber to built the tunnel to Parameters for proxy-authentication (not needed for plain proxies): -u STRING --user=STRING Username to send to HTTPS proxy for auth -s STRING --pass=STRING Password to send to HTTPS proxy for auth -U STRING --uservar=STRING Env var with Username for HTTPS proxy auth -S STRING --passvar=STRING Env var with Password for HTTPS proxy auth -N --ntlm Use NTLM Based Authentication -t STRING --domain=STRING NTLM Domain (default: autodetect) -H STRING --header=STRING Add STRING to HTTP headers sent to proxy If you don't provide -s or -S you will be prompted for a password. Miscellaneous options: -n --dottedquad Convert destination hostname to dotted quad -v --verbose Turn on verbosity (default=off) -q --quiet Suppress messages (default=off) Examples: Proxytunnel [ -h | -V ] Proxytunnel -i [ -u user ] -g host -G port -d host -D port [ -n ] [ -v | -q ] Proxytunnel -i [ -U envvar ] -g host -G port -d host -D port [ -n ] [ -v | -q ] Proxytunnel -a port -g host -G port -d host -D port [ -n ] [ -v | -q ] To use this program with OpenSSH to connect to a host somewhere, create a $HOME/.ssh/config file with the following content: Host foobar ProtocolKeepAlives 30 ProxyCommand /path/to/proxytunnel -g proxy.customer.com -G 8080 -u user -d mybox.athome.nl -D 443 With: - foobar The symbolic name of the host you want to connect to - proxy.customer.com The host name of the proxy you want to connect through - 8080 The port number where the proxy software listens to - user Your proxy userid - mybox.athome.nl The hostname of the box you want to connect to (ultimately) - 443 The port number of the SSH daemon on mybox.athome.nl If your proxy doesn't require the username and password for using it, you can skip these options. If you don't provide the password on the command-line (which is recommended) you will be prompted for it by proxytunnel. If you are on a trusted system you can also put the password in an environment variable, and tell proxytunnel where to find it with '-S'. If you want to run proxytunnel from inetd add the '--inetd' option. If you have a broken proxy and use a destination host with dynamic DNS, add the -n or --dottedquad, the DNS name will then be resolved locally before sending it to the proxy. (Original patch from Ralph Loader <suckfish@ihug.co.nz>) Most HTTPS proxies do not allow access to ports other than 443 (HTTPS) and 563 (SNEWS), so some hacking is necessary to start the SSH daemon on the required port. (On the server side add an extra Port statement in the sshd_config file, or use a redirect rule in your firewall.) When your proxy uses NTLM authentication (like Microsoft IIS proxy) you need to specify -N to enable NTLM, and then specify your username and password (and optionally domain, if autodetection fails). The NT domain can be specified on the commandline if the auto-detection doesn't work for you (which is usually the case) Currently NTLM works quite well under Linux, however, on my test-proxy it failes when running under cygwin... we are still looking into this. When all this is in place, execute an "ssh foobar" and you're in business! Share and Enjoy! Jos Visser <josv@osp.nl> Mark Janssen <maniac@maniac.nl>