Hello,

My company is using a palo alto firewall which replaces the SSL certificate for every HTTPS site by a company generated one. I used to bypass internet filtering by creating a SSH tunnel with Putty (I am local admin and can run Putty on my laptop) and run it on port 443. Then add a socks proxy in my browser setting and I was done. No more SSL filtering and I could access any website.

But now the firewall is blocking this as well. SSH to port 443 is not working anymore.

I tried this: https://hacktr.org/blog/2020/01/01/ssh-tunneling-over-https/ but it didn’t work either.

I also tried this: https://mariobrandt.de/archives/technik/ssh-tunnel-bypassing-transparent-proxy-using-apache-170/

But no go as well.

This has to be possible some way, by proxying apache to SSH using a letsencrypt cert. I tried to add a LE cert but the problem is when apache proxies to SSH it changes to IP ad the firewall blocks that step.

Any idea how to solve this?

  • lilolalu@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    When I was working in companies with very restrictive firewalls and needed to access my homeserver via SSH, I was using TOR browser (which exists as portable versions so you need to install anything which you are not allowed to). TOR Browser creates a socks proxy, which you can then use from kitty/putty ssh (which also have portable versions) to dial out.