In some places, network is locked behind a firewall and Internet connection is available only by using a proxy server. If you wishes to connect to your SSH at home, you're in trouble. However, there is a simple solution to this: tunneling over HTTPS. However, if you are one of those lucky guys that cannot use tunneling over HTTPS, this page can help you.
Using any protocol that can exchange information, it is possible to encapsulate a connection over it. Some not-so-common examples are: IP-over-DNS, IP-over-ICMP. This page shows a TCP tunneling solution (like ssh -L option) (ab)using HTTP.
The program is divided in two parts: the first one implements a HTTP server, that can be setup to run on any server. However, it is generally easier to have ports 80 or 8080 as authorized ports in your proxy server.
The seconds part is the client program. It opens a local TCP port or reads STDIN. After a connection is received, it connects to the server program just like a browser would do and exchange packages using HTTP requests (in this case: GET, PUT, POST, DELETE).
This brings up Webrick running in port 8080 and answering bridge requests at http://myserver:8080/bridge
Now, it is time to run the client program:
If everything goes OK, the client program starts to listen on port 8022 (user "-" intead of 8022 for STDIN/STDOUT). When someone connects to it, it translates the communication with HTTP commands and forwards them to myserver that effectively connects to mysshserver.xxx.com at port 22. As 22 is a ssh port, one can use this tunneling using:
Now, someone might like to use SSH to setup a SOCKS server, a reverse TCP port, etc or just connect to a remote VPN server.
This command can also be used as ProxyCommand in OpenSSH client. In this casem the use of bridge is more "transparent".
And call ssh as usual. For any xxx.com server:
And for server2: