Re: SSH tunnel over SQUID
Am Wed, 15 Oct 2008 17:30:58 -0700 schrieb nicola.calipari:
> I have to reach a cluster of linux machines protected by a firewall.
> The usual way to reach them is to SSH from inside the network, but i
> need to do it from outside.[/color]
A http proxy cant speak ssh, you need to run the ssh client behind the
proxy and you have to speak http/s through the proxy.
> I have the credentials and everything, but the cluster belong to a
> university so the admin is lazy and i need to minimize the requests to
So, you think after the proxy you'll have access to the network behind?
If so then you're right the admins are lazy, but I don't think so.
> My idea was to use a squid proxy that is open to outsiders (there's a
> ezproxy too).[/color]
And behind the proxy is surely another firewall to prevent access to ssh.
> Here's .pac config for two different squid proxy:
> As i said I have full credentials to get inside the net, is just that
> i don't know how to do and that the admin don't have time to help me.[/color]
It doesn't matter, first the admins have a reason to prevent access via
ssh second after the proxy is surely an ip filter/firewall or whatever to
prevent access to private segments and if not there could also be a layer3
router to do the work.
Your only chance I think is to access a ssh client behind the proxy on a
webserver (cgi shell or whatever) but it only works if your webserver can
reach the cluser and you can reach the webserver or something it speaks