proxytunnel使い方
proxytunnelの使い方をメモ
以下を参考にした.
http://mark.koli.ch/configuring-apache-to-support-ssh-through-an-http-web-proxy-with-proxytunnel
[クライアント側]
- proxytunnel-1.9.0を解凍
- make
- make install
- vi ~/.ssh/config
Host myserver
Hostname myserver.net
ProxyCommand /usr/local/bin/proxytunnel -p koetai.proxy.net:port -r myserver.net:443 -d 192.168.xx.xx:22 -H "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)"
[サーバー側]
- vi httpd.conf
## Load the required modules.
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
Listen 443
<VirtualHost *:443>
ServerName myserver:443
DocumentRoot /some/path/maybe/not/required
ServerAdmin admin@example.com
## Only ever allow incoming HTTP CONNECT requests.
## Explicitly deny other request types like GET, POST, etc.
## This tells Apache to return a 403 Forbidden if this virtual
## host receives anything other than an HTTP CONNECT.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} !^CONNECT [NC]
RewriteRule ^/(.*)$ - [F,L]
## Setup proxying between myserver:443 and mysshserver:22
ProxyRequests On
ProxyBadHeader Ignore
ProxyVia Full
## IMPORTANT: The AllowCONNECT directive specifies a list
## of port numbers to which the proxy CONNECT method may
## connect. For security, only allow CONNECT requests
## bound for port 22.
AllowCONNECT 22
## IMPORTANT: By default, deny everyone. If you don't do this
## others will be able to connect to port 22 on any host.
<Proxy *>
Order deny,allow
Deny from all
</Proxy>
## Now, only allow CONNECT requests bound for kolich.com
## Should be replaced with yoursshserver.com or the hostname
## of whatever SSH server you're trying to connect to. Note
## that ProxyMatch takes a regular expression, so you can do
## things like (kolich\.com|anothersshserver\.com) if you want
## to allow connections to multiple destinations.
<ProxyMatch (dom\.iobb\.net|192.168.88.1)>
Order allow,deny
Allow from all
</ProxyMatch>
## Logging, always a good idea.
LogLevel warn
ErrorLog logs/yyc-proxy_error_log
CustomLog logs/yyc-proxy_request_log combined
</VirtualHost>