SSH in Leopard Through an HTTP Proxy

January 7th, 2008

Most applications in OS X automatically use OS X’s Network > Location settings (Apple > Location > [select a location]) including proxy settings for those of us who have employers that require all traffic to go through proxies. Firefox doesn’t use OS X’s proxy settings which is extremely annoying (there’s a Firefox extension to do this; I can verify that it works but can’t verify it’s not sending all your data to some other server or anything). SSH is another program that doesn’t respect OS X’s proxy settings. My guess is that this is because OS X’s SSH is a version of OpenSSH which Apple never customized enough to allow proxy support.

After a lot of research and help from a co-worker, I figured out how to use SSH on the Mac behind an HTTP proxy and have SSH automatically detect whether or not it needs to use a proxy. This works on Leopard but may not work in previous versions of the operating system.

Create a file (I’m going to call mine proxytest) and put it wherever you want on your Mac (make sure it’s executable by typing “chmod +x proxytest” in the terminal). This file is based on a user’s hint on macosxhints.com. Open the file and enter the following text:
#!/bin/sh

while getopts P:H:p:vh o
do case "$o" in
P) PROTO=$OPTARG;;
H) HOST=$OPTARG;;
p) PORT=$OPTARG;;
v) verb=true;;
h) echo "Usage: $0 [-P {HTTP|HTTPS|SOCKS}] -H [-p ]“;
esac
done

# See if the user is using a proxy
PROXY_HOSTNAME=$(scutil –proxy | awk ‘$1 ~ /’”$PROTO”‘Proxy/ { print $3 }’)

# If the user not using a proxy, go straight to the connection
if [ "$PROXY_HOSTNAME" = "" ]; then /usr/bin/nc $HOST $PORT; else

# Determine the hostname and port of the proxy and then establish the connection
PROXY_PORT=$(scutil –proxy | awk ‘$1 ~ /’”$PROTO”‘Port/ { print $3 }’)
/usr/bin/nc -X connect -x $PROXY_HOSTNAME:${PROXY_PORT} $HOST $PORT
fi

Then, go to your SSH config file (~/.ssh/config) or if it doesn’t exist, create the file. In the config file, enter the following line (of course, replace [path_to_your_file] with the actual path to your file):
ProxyCommand [path_to_your_file]/proxytest -P HTTP -H %h -p %p

Now, fire up your terminal and SSH as you normally would. Enjoy!

Sphere: Related Content

This entry was posted on Monday, January 7th, 2008 at 5:45 pm and is filed under Mac, Technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply