document updated 15 years ago, on Mar 24, 2009
- HTTPS proxies typically allow anything through (because the data is supposed to be completely encyrpted, and thus opaque). So, there are quite a few tools available to easily tunnel SSH over HTTPS, and then do a SOCKS tunnel over that. Caveats:
- Some firewalls require you to connect to destination port 443, as a simple check. The obvious workaround is to set up your SSH server on port 443. (though this can take a bit of work, depending on who you're connecting to)
- Some firewalls check to make sure the protocol looks like SSL and/or doesn't look like SSH. It's possible to disguise SSH as TLS, as long as the server is game.
- Hotels and airports that provide for-pay wifi sometimes allow ICMP and/or DNS through unmolested. There are tools available that let you tunnel IP over those protocols, allowing you free access.