Use the information at your own risk. If you intend to use this to circumvent web filtering, other blocked services, and ports then I suggest that you only do it on your own personal equipment or with explicit written authorization from your companys boss that wants their security tested. It only takes one time to get caught then you can face big penalties to your reputation and or future job opportunities. Also, some countries prohobit the use of encrypted communications. This tutorial revolves around the usage of the SSH protocol which uses encryption to scramble packets sent and recieved and may be illegal. With that stated have fun at your own risk.

In this tutorial I will discuss how to connect and login to a remote SSH (Secure Shell) server, open tunnels(I use tunneling to connect to my proxy server then browse the web through the tunnel in this tutorial), authenticate Putty via http to your corporate proxy. Throughout this tutorial I will cover connecting from a GNU/Linux box to a GNU/Linux box (Hosting OpenSSH) via SSH using the command line.

People who would like to circumvent proxies put in place to filter out web sites, services, and ports. The target audience is assumed to be a intermediate to advanced crowd who need/want to use the command line shell for working with SSH. This is very useful to know should you need to connect to your OpenSSH server and do not have the X server with WM setup to work over. If you are a beginner you will need to learn the basics of networking, tunneling, and more about security.

• Putty

• OpenSSH

1. 

2. Once you have inputted all the appropriate values and you are connecting you will get a dialog prompting you if you wish to accept the server's key.

It looks like this:

Now press yes otherwise you wont be able to login. After that you will get a prompt asking you for a login and password. This user and pass will be the same user and pass that you use to login locally in GNU/Linux.

You have successfully connected! Now what? You can now use your GNU/Linux shell to either compile programs and run them (without X as of now). In order to use it with the X server the easiest thing I find to do is to boot to a GNU/Linux Live CD such as Knoppix then use SSH to login and you use your local X display to run the programs through SSH. You may use editors such as Emacs(a popular text editor created in Lisp), Vim(another Text editor), and more. If you want to use your AIM account you could use Naim and if you want to use IRC you may use irssi. Anyway thats what I use and those are some examples of what you may use.

Lets say you are in a corporate environment and your favorite site pogo.com is blocked. The solution is to either specify a proxy in your connection settins or use SSH to make a tunnel to your proxy. Lets assume that specifying the proxy through your connection settings isnt working and its still blocked.

• Putty

• OpenSSH
• Proxy Server(I use Squid)

1. Enter in your Server info for Session
   
   NOTE: When entering destination use the following format (ip:port). When specifying the IP for whichever service your connecting to your specifying a Class C IP within your network. So if you were within your home network and have a proxy server listening on 10.10.11.4:1000 thats what you'd specify. Another example is if you have a proxy server listening on port 102 with the SSH server you connecting to you do 127.0.0.1:102 for the destination field. For the Source IP in putty just put the same port as the Destination text field.

2. Now connect and login. Once completed you have successfully opened an active tunnel.

3. Great now what? you've connected and opened a tunnel. Now we will use a web browser to go through that tunnel and through the proxy we have defined. So say we have a open tunnel to 10.50.19.3:8080. We now want to use our web browser to go through that. I wont go over how to specify proxies in your local web browser as that is simple to do. In the proxy area you will want to put 127.0.0.1 for the hostname and 8080 for the port. The reason I put our localhost ip and 8080 is that putty is listening on 8080. So when you specify the localhost putty will pick up the connection and point you towards the proxy or whichever you tunneled. You will know if this stuff is all working out if you can browse web pages. Another way of figuring out if it works is to see if you could browse pogo.com. Also check out your WAN IP. It should be your home network's IP. Use ipchicken.com to figure out your WAN IP. Congradulations you have bypassed your companies blocks!

1. Enter all previous Putty connecting info as described before (tunneling optional).
   
2. Doing this you should be able to connect and authenticate through your companies HTTP proxy then connect to your SSH server from there.

This error frustrated me the most and took long enough for me to figure it out. Your company may have implemented Microsofts proprietary NTLM protocol into their proxy. Even if you put the right user/pass into the user/pass text fields you wont be able to authenticate no matter what with Putty. Putty doesnt support the NTLM protocol thats why. Given that you must get another program called NTLM proxy server to authenticate through your corporates proxy and set Putty to go through that program.

• Putty
• NTLM Proxy Server
• Python (NTLM Proxy Server needs Python as its created in its language)

• OpenSSH
• Proxy Server(I use Squid)

The NTLM Proxy server will resolve the 407 Authentication error along with some others. Just make sure you specify all the right credentials in the NTLM proxy servers server.cfg file to connect to your corporates proxy such as the ip to the corporates proxy, username, password, and domain. Once the NTLM Proxy Server is up you then use Putty to connect via HTTP to that Proxy. Just dont specify a user and password in the proxy area in Putty. Just have the HTTP radio buton selected, use 127.0.0.1 for hostname, and specify whichever port you have the NTLM proxy server listening on.