====== SSH through HTTPS ======

The following guide describes how to set up a SSH connection with tunnels through a HTTPS connection. As long as HTTP on port 80 and HTTPS on port 443 is enabled, you can establish a SSH connection.

===== Setup =====

Other setups than the one explained below are of course possible, but here is an overview on how I set up my environment.
  - SSH connection to a linux server running Debian 7 and Ubuntu 12.04
  - SSH public key authentication, login with password is disabled
  - Tunnels to services on my server, for example the web interface of [[http://backuppc.sourceforge.net/|BackupPC]]
  - Transfer files from and to the server with [[http://winscp.net/eng/download.php|WinSCP]]
  - You will need a google account to be able to use the http proxy

===== Installation =====

The connection will be established through your browser. At this time, I got it working with Chrome only.

  - Download [[https://www.google.com/intl/en/chrome/browser/|Chrome]] and install the [[https://chrome.google.com/webstore/detail/pnhechapfaindjhompbnflcldabbghjo|Secure Shell]] plugin.
  - Open Secure Shell in Chrome and enter the following settings:<code>
free form text (line 1): name your connection, for example the server's name
username: <user>
hostname: <www.mydomain.com>
port: <port> (note: this is the SSH port on the server)
relay options: --proxy-host=relay.wsn.at --proxy-port=443 --use-ssl
Identy: <your SSH keypair>
SSH Arguments: -L 7000:anothermachine:80 -L 22:localhost:22
Terminal Profile: leave at default or give the current profile any name
</code>
  - Note on SSH keypair: upload your SSH keypair, e.g. id_rsa and id_rsa.pub generated on your server (you might want to rename the files to //myserver_id_rsa// and //myserver_id_rsa.pub//, if you want to establish SSH connections to more than one machine)
  - Note on SSH Arguments: this is just an example. The first -L option establishes a tunnel to anothermachine's HTTP port through port 7000 on your client from where you initiate the connection, the second option establishes a tunnel to the server's SSH service you are connecting to. You will need this if you want to exchange files with the server through WinSCP
  - Download //puttygen.exe// from the [[http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html|PuTTY]] download page. Convert //myserver_id_rsa// to //myserver.ppk//, as WinSCP requires a PuTTY formatted private key.
  - Download  [[http://winscp.net/eng/download.php|WinSCP]] and enter the following settings:<code>
File protocol: SFTP
Host name: <www.mydomain.com>
Port: 22
User name: <user>
Click button Advanced, then select your myserver.ppk file under SSH->Authentication
</code>

Now, open Secure Shell in Chrome, establish the connect, then start WinSCP and connect. After a short while, you should see your remote directory.

===== Links =====

  * [[https://www.google.com/intl/en/chrome/browser/|Chrome]] download
  * [[https://chrome.google.com/webstore/detail/pnhechapfaindjhompbnflcldabbghjo|Secure Shell]] plugin
  * [[http://winscp.net/eng/download.php|WinSCP]] download
  * [[http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html|PuTTY]] download
  * [[https://github.com/zyclonite/nassh-relay|nassh-relay]] documentation and download
  * [[https://relay.wsn.at|nassh-relay]]
  * [[http://en.wikipedia.org/wiki/Web-based_SSH|Web-based SSH]]
  * [[https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding|SSH/OpenSSH/PortForwarding]]
  * [[http://daniel.haxx.se/docs/sshproxy.html|SSH Through or Over Proxy]]
  * [[https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers|List of TCP and UDP port numbers]]