Novell Cool Solutions: Feature
By Damian Myerscough
Digg This -
Posted: 10 Oct 2007
Having a machine located behind a proxy server and unable to SSH out to other machines.
Using the SSH proxy utility.
This article was tested on:
- SUSE Linux Enterprise Desktop 10
- SUSE Linux Enterprise Server 10
- SUSE Linux Enterprise Desktop 10 SP1
In this article I am going to show you how to setup the SSH (Secure Shell) proxy utility that gives you the ability to relay network connections via SOCKS and HTTPS. The utility is very useful if you are working within an office that denies direct SSH connections to outside hosts. The features that are available within the SSH proxy utility are listed in Table 1.
|Supports SOCKS (Version 4/5).||Supports HTTPS connection.||Supports NO-AUTH and USERPASS authentication.|
|Runs on Linux and Microsoft Windows.||You can input password from tty, ssh-askpass or environment variables.||Partially supports telnet proxy.|
Table 1: SSH proxy command features.
The installation of the SSH proxy utility is very simple. The installation of the SSH proxy utility requires you to have the GCC compiler installed as we will need to compile the source code.
The first task we need to do is check to see if the development packages have been installed, issuing the "yast sw_single" command and then search for the GCC package as shown in Figure 1.
The GCC compiler was installed at the installation on my machine thus showing the "i" character near the package name. The "i" character indicates that a package has been installed, if you don't have the "i" character by the package name this means that the package has not been installed.
Once the GCC package has been installed you can download the "connect.c" source file from the  website. Once you have downloaded the "connect.c" source file you can compile it using the "gcc" command, as shown in Figure 1.1.
fsc_nono:~/Desktop # gcc connect.c -o connect-proxy
Once you have compiled the "connect.c" source file you should have an executable file within your current working directory called: "connect-proxy", you will need to move this binary file into the "/usr/bin" directory as shown in Figure 1.2.
fsc_nono:~/Desktop # mv connect-proxy /usr/bin
Once the "connect-proxy" utility has been moved into the "/usr/bin" directory you will need to create a file within your "~/.ssh" directory called: "config" as shown in Figure 2.
fsc_nono:~ # touch ~/.ssh/config
Once you have created the "config" file you will need to open it with a text editor and add similar contents which is shown in Figure 2.1.
Host * ProxyCommand connect-proxy -H 192.168.0.1:81 %h %p
The IP address "192.168.0.1:81" will need to be replaced with the IP address of your proxy server. Once you have all these configurations set you can SSH into any machines outside your network as shown in Figure 2.2.
fsc_nono:~ # ssh email@example.com
This also works for SFTP (Secure File Transfer Protocol) and SCP (Secure Copy) along with any other utilities that rely on SSH.
The SSH proxy utility is a very useful tool as it allows administrators to be able to SSH into machines outside there network via a proxy. Users may also find this utility useful because they will be able to transfer files between two machines using SFTP and SCP. I would recommend reading the documentation from  website as it shows how to use the SSH proxy utility to its full extent.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com