Table of contents |
2 Corkscrews in Software 3 Practical use 4 Credit |
A corkscrew is a tool for drawing stopping corks from bottles. Generally, it is comprised of a pointed metallic spiral attached to a handle. The user grips the handle, and screws the metal point spirally through the cork. Thus, the cork and corkscrew shall be so entwined that moving one shall move the other. Corkscrews are necessary because corks themselves with their small sizes and smooth material surface are often two difficult to grip and (elegantly) remove. The handle of the corkscrew, often a horizontal bar of wood attached to the screw, allows for a fine, commanding grip making removal of the stopper relatively easy. Effectively, it increases the amount of force that can be applied outwards upon the cork.
Its design was derived from the gun worm which was a device used by musketmen to remove unspent charges from a musket's barrel in a similar fashion.
Corkscrew enables you to run SSH connections over most HTTPS proxy servers. Due to SSH features such as port forwarding, this can allow many types of services to be run safely over the SSH via HTTPS connections.
Home page: " class="external">http://www.agroman.net/corkscrew/
Supported proxy servers:
One way to work around this is to modify the TCP/IP stack keepalive values on the client machine and the machine running the ssh server. Most default keepalives do not kick in until a large amount of time has gone by, however, so this approach would mean modifying the keepalive values on all (outside) machines you want to connect to. Not terribly great.
A good workaround for this problem is to install the heartbeat patch for OpenSSH.
One very handy use of this, is to setup squid on a remote machine (outside restrictive firewall), and port forward from your client machine, across said firewall, to the box with squid. Then, you can set your local browser to use the local port as it's proxy server, and you can have all of your web traffic be unreadable to the firewall.
Assume that squid is configured on
To start ssh port forward:
Literal Meaning
Corkscrews in Software
One problem with this approach is that proxy servers generally have an idle timeout setup for HTTP/HTTPS connections. Values of 10 minutes or so can possibly be tolerated, but some have this value very low (say 30 seconds). This of course causes your SSH sessions to die after the set timeout if they are left idle.Practical use
remotehost
to listen on 127.0.0.1:8080
.ssh -L 8080:127.0.0.1:8080 remotehost.com
Then, just have your browser use 127.0.0.1:8080
as it's proxy server, and you are set. Refer to the squid page for information on anonymizing you can have squid automatically do for your HTTP traffic.
Credit
The article contains material from InfoAnarchy
see also: httptunnel