connect method through a https proxy

[bluerratiq]

well ... i've came to the conclusion that there is no transparent proxy set up

although I type in a browser myip I get the sshd banner, I still cannot connect to my sshd:80 from command line

Your best bet then is to tunnel your traffic over the allowed protocols, once you work out what those are by testing.

I could make my sshd listen on 443 and then use proxytunnel with ssh's ProxyCommand ... but I dont know where to get a "good" proxy account ..

what do you suggest, lupin ?

[lupin]

what do you suggest, lupin ?

No transparent proxying or application level filtering should mean that any TCP connection should pass through the firewall unaffected. This should mean that a protocol like ssh would just work, assuming correct configuration of both the client and server.

Assuming that your ssh server on your home pc and the client at work are both working correctly (you have confirmed this right?), the fact that it doesn't work over an apparently open port suggests that some sort of filtering above layer 4 is occurring. If you can do packet captures from inside the work network you may want to attempt an ssh connection and compare the results to a successful ssh connection that you have performed from outside the work network. You should see a TCP handshake, some clear text communication as the systems send banners and negotiate encryption, and then encrypted traffic. If the handshake succeeds, and some data is received but then responses stop or the connection is suddenly torn down with a RST, its likely some additional filtering is occurring.

Assuming that additional filtering is occurring, Id suggest testing that you can connect to a http/s website running on your system, and if that works use something like one of the following methods to encapsulate your ssh traffic inside http/s

http://www.nocrew.org/software/httptunnel.html
http://dag.wieers.com/howto/ssh-http-tunneling/

[bluerratiq]

According to dag.wieers.com how to ... I need a static ip address, don't I ?
Since I have a dynamic IP address I am using a dynamic dns client which updates my ip address and resolves it to a hostname (no-ip)
I am stuck when configuring apache:
<VirtualHost 10.1.2.3> #this is the static ip ? whatif I have dinamic ip ?

I hit quick reply and I cannot see it
Disregard my previous post ... I am looking through httpd documentation.

[Virchanza]

In the past I've used OpenVPN to get through an extremely strict firewall (I'm talking a serious firewall here, it was the firewall that managed my entire college). I set up my home computer to receive HTTPS on TCP port 443, and then within the OpenVPN client program I set it to go through a proxy server. Finally, I edited my routing table so that all internet-bound traffic went through my home computer, meaning I had full internet access to whatever site I wanted and on whatever port I wanted.

If you're interested, I can fish out my config files for OpenVPN, they're lurking around somewhere on my hard disk. . .

Oh yeah, I also used DynamicDNS to keep track of my home computer's IP address.