They're used so you don't visit sites you're not suppose to. It's really easy with all the CGI proxies out there to get around them, but they aren't 100% functional. SSH over HTTP proxy usually works, but this time for me it did not. I suppose it was because an SSH server starts the connection with a version identifier, and the HTTP proxy did not like that. I will be testing out this stunnel/tinyproxy configuration. It'd be doubly encrypted, but I could in turn use that to connect to my SSH server if a success. Attached you'll find the files.
The config files are all unchanged from my tests, so you'll have information about my server, but my stunnel server has been setup to checks client certificates. I included my client cert and private key, but it's passworded, and if cracked and abused I can easily change the certs allowed on the server! The tinyproxy backend only allows connections from localhost. That makes it pretty closed to all those random foreign hackers that always seem to probe the entire internet for open proxies.
So anyway... Hopefully it seems more authentic to my corporates HTTP proxy. It would be a nice addition to Portable Firefox. Making those weekends stuck on duty seem almost like I'm surfing from home... :)
Edit: on second thought, I won't post the file here. It's all available
on stunnel.org, and I can just use a
diskette to allow friends the option of testing it out.
Comments