My company blocks ssh. Is there a way to tunnel this through HTTP?

palata · 2025-04-02T22:44:50 1743633890

I agree. Something like what GitHub offers? https://docs.github.com/en/authentication/troubleshooting-ss...

cuanim · 2025-04-03T05:02:01 1743656521

Cockscrew might fit your usecase[1]

[1] - https://github.com/bryanpkc/corkscrew

mbs159 · 2025-04-06T18:59:28 1743965968

Are you sure that they are blocking SSH packets, or just port 22? If they are blocking the port, it's good practice to use something other than 22 anyways

johnklos · 2025-04-03T04:40:36 1743655236

Stupid company!

I keep a machine which has sshd listening on the IMAPS port (993) for when I'm traveling. It's amazing how many free networks don't allow ssh, but with -J and sshd on port 993, that really doesn't matter.

lormayna · 2025-04-03T05:08:05 1743656885

A NGFW, frequently used in the enterprise environments will block it. They are checking the package signatures, not only the YCP ports.

prmoustache · 2025-04-03T14:03:06 1743688986

Use that from home or a mobile phone connection?

You probably aren't supposed to update your personal website and stuff when you are working for your company anyway.

chasil · 2025-04-02T20:58:59 1743627539

I have heard that SSH could be tunneled over DNS UDP packets.

This looks like a decent article, will read later.

https://medium.com/@rogergalo/learn-how-easy-is-to-bypass-fi...

palata · 2025-04-02T22:45:34 1743633934

Not sure if it has to go that far. Probably it's just blocking port 22.

mbreese · 2025-04-03T01:29:57 1743643797

Agreed. You can host both SSH and HTTPS on port 443. I know this used to be possible with HAProxy, but now Nginx can do it as well. This way you are hosting normal HTTPS traffic when a browser is used and SSH otherwise.

Now, if your company is actually blocking the SSH protocol, you’ll have to do something like tunneling SSH through SSL, which is also possible… but not as easier IIRC.