blog » Work / 努力工作 » Use Openssh With Proxy
Use Openssh With Proxy
SSH 能够创建 Socks5 代理是众所周知的事情了。
但是 SSH (openssh) 怎么用代理呢?由其是 Socks5 代理。
前段时间 Luey 貌似也遇到这个问题,现在自己也遇到了。稍稍标注一下。
man ssh_config 可以得到
ProxyCommand
Specifies the command to use to connect to the server. The command string extends to the end of the line, and is executed with the user's shell. In the command
string, `%h' will be substituted by the host name to connect and `%p' by the port. The command can be basically anything, and should read from its standard
input and write to its standard output. It should eventually connect an sshd(8) server running on some machine, or execute sshd -i somewhere. Host key manage‐
ment will be done using the HostName of the host being connected (defaulting to the name typed by the user). Setting the command to ``none'' disables this
option entirely. Note that CheckHostIP is not available for connects with a proxy command.
This directive is useful in conjunction with nc(1) and its proxy support. For example, the following directive would connect via an HTTP proxy at 192.0.2.0:
ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
看来通过 proxy command 可以调用外部命令来支持代理连接,但是文中提到 nc -X 参数我这里不可用。
通过搜索发现多篇文章提到了 proxytunnel 工具,还有类似的 corkscrew 工具。相关的文章参考下面两篇:
http://www.ubuntugeek.com/how-to-use-ssh-via-http-proxy-using-corkscrew-in-ubuntu.html
http://dag.wieers.com/howto/ssh-http-tunneling/
还有一处用到了一段 perl 脚本:http://bbs.linuxpk.com/thread-10121-1-1.html
但是看看配置文件,貌似都写的太复杂了,而且还只支持 http proxy。这可不行唉~
最后找到了一个非常好用的小工具 connect。
执行起来很简单,并且 http socks 通吃。编译过后执行运行:
[root@arch-sky .ssh]#./connect
connect --- simple relaying command via proxy.
Version 1.100
usage: ./connect [-dnhst45] [-p local-port][-R resolve] [-w timeout]
[-H proxy-server[:port]] [-S [user@]socks-server[:port]]
[-T proxy-server[:port]]
[-c telnet-proxy-command]
host port
马上就知道怎么用了吧!
RSS 2.0 | leave a response | trackback
给看个好玩的东西
http://www.tinc-vpn.org/examples/bridging
[回复]
brctl 是早就用过了。不过这种 VPN 倒是没用过。目前没环境要用这个,再说 ipsec vpn 不是蛮好么~ 有啥本质区别?
[回复]