On Thu, May 21, 2009 at 01:57:37PM +1200, Amos Jeffries wrote:
> > I would like to forward an scp session from one internal machine through
> > the Squid proxy and connect to an external machine. I have found many
> > documents that write about running squid over SSH but not the other way
> > around. I searched on the Squid-Cache wiki for SSH but could not find
> > anything.
>
> Squid provides the CONNECT HTTP method for this type of thing.
>
> Setting the system http_proxy environment variable may make scp use that
> proxy as a gateway. If not you are probably out of luck. scp is intended
> to be very simple and easy to use for end-to-end encrypted links. Adding
> squid to the equation breaks that.
...
> Check the proxy capabilities of your programs (ssh, scp, whatever) they
> need to be capable of transport over HTTP-proxy. If they do configure it
> and set whatever ports they need to CONNECT to, to both the Safe_ports and
> SSL_ports ACL.
> If they don't support transport over HTTP-proxy thats the end of it.
No, it's not the end. I have succesfully tunnelled ssh over another
program that handles http-proxy:
http://www.nocrew.org/software/httptunnel.html
That program doesn't even require CONNECT, it goes over regular http and
it periodically (or when the connection drops) starts new http
connections without interrupting the tunnel.
- Dave
