SSH via a Socks proxy on OS X with connect.c

Filed Under Mac on December 7, 2005 at 5:05 pm

NOTE: tested on OS X 10.7 Lion, works fine!

These instructions are for setting up a mac to use connect.c to get SSH through a SOCKS proxy. If you are not using OS X this may still be of some use to you because connect.c will compile on Windows and *nix as well. If you’re in the NUIM oncampus accommodation and are having problems SSHing this could be the answer to your problems!

The first step is to get a copy of connect.c and compile it. The website contains instructions for doing this on other platforms but for the mac use:

  1. gcc connect.c -o connect -lresolv

This will spool out a ream of warnings but don’t worry about that.

Then you have to copy this to a folder in the path and set up the correct permissions:

  1. sudo cp connect /usr/bin
  2. sudo chmod 555 /usr/bin/connect
  3. sudo chown root:wheel /usr/bin/connect

At this stage connect.c is installed, you now need to tell SSH to use this proxy for any servers you want to connect to that is outside the campus.

To do this you need to add lines of this form to ~/.ssh/config:

  1. Host xxx.yyy.com
  2.   ProxyCommand connect -a none -S socks.yyy.com %h %p

The example above is for connection to xxx.yyy.com, you’ll need pairs like this for each host you want to connect to. You should separate the pairs with a bank line.

That’s it, you can now ssh as normal and ssh will use the SOCKS proxy.

  1. ssh user@xxx.yyy.com

Comments

14 Responses to “SSH via a Socks proxy on OS X with connect.c”

  1. jamie allen on March 5th, 2008 2:57 pm

    hi there,

    i’m trying to locate a copy of connect.c for osx – looks like you may have had a copy… could you repost?

    cheers,
    j

  2. Bart B on March 5th, 2008 5:34 pm

    Hi Jamie,

    I have a copy somewhere in work but I’m off on sick leave at the moment. When I get back in I’ll dig it up for you.

    Bart.

  3. jamie allen on March 5th, 2008 5:53 pm

    thanks bart!

    do you recall where you got it?
    j

  4. Bart B on March 5th, 2008 6:16 pm

    I got it from the link in the post which I see is not resolving anymore.

    Bart.

  5. torben on August 25th, 2008 1:24 pm

    found one on http://www.meadowy.org/~gotoh/ssh/connect.c and works as described. thx. well done.

  6. Bart B on August 26th, 2008 12:59 pm

    Fantastic! Thanks Torben. I’ve updated my post to include the new link.

    Bart.

  7. jit-consulting.de » ssh through SOCKS proxy on September 19th, 2008 10:26 am

    [...] wrote a how-to in his blog. It works great on Mac OSX, but it’s working the same way on other [...]

  8. Aleksander Grande on February 15th, 2009 2:07 pm

    works like a charm, even with iphone modem!
    Thanks a lot for the tut!

  9. Andrew Preater on March 13th, 2009 12:34 pm

    Thanks for posting this guide, saved me some time trying to compile Corkscrew (my usual weapon of choice) on OSX.

  10. matth on September 10th, 2009 3:52 pm

    Hiya,

    I also found out that you can do this with netcat which comes installed

    ProxyCommand /usr/bin/nc -X 5 -x socksproxy:port %h %p

    Cheers,

    Matt

  11. nth on January 13th, 2010 1:06 am

    Matt: excellent comment, thanks for the information. I got this working with connect, but then changed to your netcat version which is simpler and built-in.

  12. Koneksi SSH melalui SOCKS Proxy « Back2arie’s Blog on March 20th, 2011 3:54 pm

    [...] Menggunakan connect: http://www.bartbusschots.ie/blog/?p=184 [...]

  13. Andrius on February 21st, 2012 7:01 am

    Great, works! I am on location with only GPRS internet, low bandwidth, traffic limits, so i route everything through my home openwrt over ssh proxy.

    ssh via proxy was last thing i looked!

  14. Lye on May 3rd, 2012 10:12 pm

    This improved the quality of my life dramatically. Thank you so much.

Leave a Reply




Before you post a comment please remember that commenting on my blog is a privilege not a right. I won't approve comments that are obscene, offensive or insulting. For more info please read this post.

Subscribe without commenting