Corkscrew (program)
From Wikipedia, the free encyclopedia
Corkscrew enables the user to run SSH connections over most HTTP and HTTPS proxy servers. Due to SSH features such as port forwarding, this can allow many types of services to be run safely over the SSH via HTTP connections.
Supported proxy servers:
- Gauntlet
- CacheFlow
- Internet Junkbuster
- Squid
- Apache's mod_proxy
One problem with this approach is that proxy servers generally have an idle timeout setup for HTTP/HTTPS connections. Values of 10 minutes or so can possibly be tolerated, but some have this value very low (say 30 seconds). This of course causes your SSH sessions to die after the set timeout if they are left idle.
One way to work around this is to modify the TCP/IP stack keepalive values on the client machine and the machine running the ssh server. Most default keepalives do not kick in until a large amount of time has gone by, however, so this approach would mean modifying the keepalive values on all (outside) machines you want to connect to.
A good workaround for this problem is to install the heartbeat patch for OpenSSH.
You can apply this patch on the client machine (the one behind the restrictive firewall/proxy) and then setup a heartbeat for every 15 seconds or so, and your connections will not die due to idle timeout. This approach has worked consistently well.
[edit] Credit
The article contains material from InfoAnarchy
