Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Reliable outbound SSH tunnel through a restrictive proxy. Read more: http://post.ly/k4O9
#!/bin/bash
echo
date
echo "----------------------------"
if ssh -O check tunnel@vpn.example.com; then
echo "Tunnel's up."
else
echo "Starting up tunnel..."
if ssh -R 2222:localhost:22 tunnel@vpn.example.com -f 'sleep 3300'; then
echo "Seems good."
else
echo "Didn't come up."
fi
fi
echo
ControlPath /tmp/ssh-%r-at-%h-%p.ctl
ControlMaster auto
Host vpn.example.com
DynamicForward 1080
# Through 2 proxies
#ProxyCommand ~/proxytunnel-1.9.0/proxytunnel -v -p localhost:8888 -r www.example.com:443 -d %h:%p -H "User-Agent: ozilla/4.0 (compatible; MSIE 6.0; Win32)\n"
# Through 1 proxy
ProxyCommand ~/proxytunnel-1.9.0/proxytunnel -v -p www.exmaple.com:80 -d %h:%p -H "User-Agent: ozilla/4.0 (compatible; MSIE 6.0; Win32)\n"
ServerAliveInterval 30
<VirtualHost 10.0.0.17>
DocumentRoot /var/www/localhost/htdocs
Customlog vpn.example.com-access.log combined
ErrorLog vpn.example.com-error.log
HostnameLookups On
ProxyRequests on
AllowCONNECT 22 2022
ProxyVia on
### Deny everything by default
<Proxy *>
Order deny,allow
Deny from all
</proxy>
# <Proxy 123.45.67.89>
# <Proxy machine.example.com>
# <ProxyMatch .*\.example\.com>
<ProxyMatch (vpn|router)\.example\.com>
Order allow,deny
Allow from all
# Deny from all
#
# ### External (customer) sites allowed to connect
# Allow from customer1.example.net
# Allow from customer2.example.org
</ProxyMatch>
</VirtualHost>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment