I have been languishing behind a hotel firewall (or ISP firewall) which blocks outgoing traffic on port 22. As you can tell I have now fixed my problem by other means (I'm using port 110 for ssh) but I'd love to know, maybe for future use, how the ssh over HTTP thing is supposed to work.
I found a number of sites describing the method:-
http://quartz-net.co.uk/quartzwiki/index.php/SSH_proxy_via_Apache
http://dag.wieers.com/howto/ssh-http-tunneling/
http://blog.m8t.in/2006/12/ssh-through-apache-proxy.html
http://mark.koli.ch/2011/12/configuring-apache-to-support-ssh-through-an-htt...
... and loads more.
The bit I had/have trouble getting my mind round is the proxytunnel bit that you add to ~/.ssh/config, for example from the last site above:-
Host kolich.com
    Hostname kolich.com
    ProtocolKeepAlives 30
    ProxyCommand /usr/bin/proxytunnel \
        -p web-proxy.corp.example.com:3128 \
        -r kolich.com:8443 -d %h:%p \
        -H "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)"
Firstly I don't *quite* understand why proxytunnel is necessary. Is it 'wrapping' the SSH stuff in an HTTP envelope to pass through apache etc.?
Secondly none of the sites say where/how you find what to actually use for web-proxy.corp.example.com (in the above example). Presumably it has to be a 'local' proxy server which one *can* send to using any port but will it always exist? .... or have I got the wrong end of the stick? I do realise that I need to replace kolich.com in the above with the name of my server where I have apache running with mod_proxy.
It's more of academic interest now as I said but I'd like to know for future reference.
I finally sorted my problem by enabling remote HTTPS access to my router from the command line (using a web-based ajaxterm service) and then remotely configuring the router to open port 110 and portmap it to port 22.
On 05/09/13 08:31, Chris Green wrote:
I found a number of sites describing the method:-
http://quartz-net.co.uk/quartzwiki/index.php/SSH_proxy_via_Apache
That's one way to do it and I'm not sure why what you tried didn't work.
Another way is to run sslh on port 443 and sslh then hands off to either apache or sshd (or other daemons) depending on the protocol detected.
Hope that helps,
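
The protocol detection mentioned in the reply above, sketched as an added example that is not part of the original thread and is not sslh's own code. The backend addresses, the sample byte strings and the timeout behaviour are assumptions made for illustration.

```python
# Classify a new connection on a shared port by its first bytes, the way a
# protocol multiplexer in front of sshd and a web server has to.

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ",
                b"OPTIONS ", b"CONNECT ", b"PATCH ", b"TRACE ")

# Hypothetical backends: sshd on 22, the TLS web server moved to 8443.
BACKENDS = {"ssh": ("127.0.0.1", 22),
            "tls": ("127.0.0.1", 8443),
            "http": ("127.0.0.1", 80)}

# Constructed sample inputs (not captured traffic).
SSH_SAMPLE = b"SSH-2.0-OpenSSH_9.6\r\n"
TLS_SAMPLE = bytes([0x16, 0x03, 0x01, 0x00, 0x2F, 0x01, 0x00, 0x00, 0x2B])
HTTP_SAMPLE = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"


def is_tls_client_hello(buf: bytes) -> bool:
    # TLS record header: type 0x16 (handshake), version major 0x03,
    # two length bytes, then handshake type 0x01 (ClientHello).
    return (len(buf) >= 6 and buf[0] == 0x16 and buf[1] == 0x03
            and buf[2] <= 0x04 and buf[5] == 0x01)


def classify(first_bytes: bytes, timed_out: bool = False) -> str:
    if not first_bytes:
        # Assumption: a client that stays silent until the timeout is an
        # SSH client waiting for the server banner, so it goes to sshd.
        return "ssh" if timed_out else "incomplete"
    if first_bytes.startswith(b"SSH-"):      # RFC 4253 identification string
        return "ssh"
    if is_tls_client_hello(first_bytes):
        return "tls"
    if first_bytes.startswith(HTTP_METHODS):
        return "http"
    # A short read may still be the start of a known signature: wait for more.
    if len(first_bytes) < 4 and b"SSH-".startswith(first_bytes):
        return "incomplete"
    if len(first_bytes) < 6 and first_bytes[0] == 0x16:
        return "incomplete"
    return "unknown"


def route(first_bytes: bytes, timed_out: bool = False):
    # Returns the backend (host, port), or None when the connection should
    # be held for more data ("incomplete") or dropped ("unknown").
    return BACKENDS.get(classify(first_bytes, timed_out))
```

From a firewall's point of view such a connection to port 443 that begins with an SSH identification string rather than a TLS ClientHello is exactly what a protocol-aware filter would look for.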