corkscrew is a simple tool to tunnel TCP connections through an HTTP proxy supporting the CONNECT method. It reads stdin and writes to stdout during the connection, just like netcat.
It can be used for instance to connect to an SSH server running on a remote 443 port through a strict HTTPS proxy.
Install corkscrew in ubuntu using the following command
sudo aptitude install corkscrew
This will complete the installation.
Configue corkscrew
If your HTTP proxy uses authentication, then you’ll need to tell it about the username and password to use This is where the concept of ‘auth-file’ comes into play. All you have to do is put your username & password, separated by a colon, into a textfile. Once you’ve done this, you just have to tell corkscrew where to find the auth-file. Create a file called .corkscrew-auth in your home directory
$touch .corkscrew-auth
$gedit .corkscrew-auth
and place your username and password in the following format
username:password
Save and exit the file.
Configure ssh For Tunneling
Now we’ll tell ssh what to do when connecting to all or specific hosts. Open up ~/.ssh/config (that’s /home/yourusername/.ssh/config) in your favourite text editor (gedit,nano,vim etc)
$gedit /home/yourusername/.ssh/config
and add the following lines
Host *
ProxyCommand corkscrew proxyhostname proxyport %h %p /home/username/.corkscrew-auth
Save and exit the file
Note: replace proxyhostname and proxyport with the equivalents for your network.
Note: you won’t need to add the last section, ‘/home/username/.corkscrew-auth’, if your HTTP proxy doesn’t use authentication.
What we’ve just told ssh to do is for all hostnames (’Host *’), use the following proxy command to route the connection.If you want more secure connections you can also list of hosts.
Corkscrew Syntax
corkscrew proxy proxyport targethost targetport [ authfile ]
proxy -- This is the name of the host running the HTTP proxy.
proxyport -- This is the port on which to connect on the proxy.
target -- This is the host to reach through the proxy.
targetport -- This is the port to connect to on the target host.
Test your SSH connection
ssh serverip