.\" Hey, EMACS: -*- nroff -*- .\" First parameter, NAME, should be all caps .\" Second parameter, SECTION, should be 1-8, maybe w/ subsection .\" other parameters are allowed: see man(7), man(1) .TH PROXYTUNNEL 1 "August 30, 2009" .\" Please adjust this date whenever revising the manpage. .\" .\" Some roff macros, for reference: .\" .nh disable hyphenation .\" .hy enable hyphenation .\" .ad l left justify .\" .ad b justify to both left and right margins .\" .nf disable filling .\" .fi enable filling .\" .br insert line break .\" .sp insert n+1 empty lines .\" for manpage-specific macros, see man(7) .SH NAME proxytunnel \- program to tunnel a connection throught an standard HTTPS proxy. .SH SYNOPSIS .B proxytunnel .RI [ options ] .SH DESCRIPTION This manual page documents the .B proxytunnel command. \fBproxytunnel\fP is a program that open a tunnel through a HTTPS proxy. .SH OPTIONS This program follow the usual GNU command line syntax, with long options starting with two dashes (`-'). .TP .B \-h, \-\-help Print help and exit. .TP .B \-V, \-\-version Print the version of the program and exit. .TP .B \-i, \-\-inetd Run from inetd. Default is off. .TP .B \-a PORT, \-\-standalone=PORT Run as standalone daemon on specified port. .TP .B \-p host:port, \-\-proxy=host:port The local HTTPS proxy host:port combo to connect to. .TP .B \-r host:port, \-\-remproxy=host:port The second-level (remote) proxy host:port to connect to when using two proxies. .TP .B \-d host:port, \-\-dest=host:port The destination host:port to built the tunnel to. .TP .B \-e, \-\-encrypt Encrypt the data between the local proxy and the destination using SSL. .TP .B \-E, \-\-encrypt-proxy Encrypt the data between the client and the local proxy using SSL. .TP .B \-B, \-\-buggy-encrypt-proxy Encrypt the data between the client and the local proxy using SSL, but stop using SSL immediately after the CONNECT exchange to workaround server bugs. (Might not work on all setups; see /usr/share/doc/proxytunnel/README.Debian.gz for more details.) .TP .B \-X, \-\-encrypt-remproxy Encrypt the data between the local proxy and the second-level proxy using SSL. .TP .B \-F STRING, \-\-passfile=STRING The file containing Username & Password to send to HTTPS proxy for authentification. This file uses the same format as .wgetrc, and so can use the credentials in common with wget. This option can be used to at least hide the password from anyone clever enough to use the `ps' command. .TP .B \-P user:pass, \-\-proxyauth=user:pass The credentials to use for local HTTP(S) proxy authentication. .TP .B \-R user:pass, \-\-remproxyauth=user:pass The credentials to use for remote HTTP(S) proxy authentication. .TP .B \-N, \-\-ntlm Use NTLM-based authentication. .TP .B \-t DOMAIN, \-\-domain=DOMAIN The NTLM domain to use, default is to autodetect. .TP .B \-H STRING, \-\-header=STRING Additional HTTP headers to send to the proxy. .TP .B \-x STRING, \-\-proctitle=STRING Use a different process title. .TP .B \-v, \-\-verbose Turn on verbosity. Default is off. .TP .B \-q, \-\-quiet Suppress messages. Default is off. .SH NOTES To use this program with OpenSSH to connect to a host somewhere, create a $HOME/.ssh/config file with the following content: Host foobar .br ProtocolKeepAlives 30 .br ProxyCommand /usr/bin/proxytunnel -p proxy.customer.com:8080 -P user:password -d mybox.athome.nl:443 If your proxy doesn't require the username and password for using it, you can skip these options. If you want to run proxytunnel from inetd add the '--inetd' option. Most HTTPS proxies do not allow access to ports other than 443 (HTTPS) and 563 (SNEWS), so some hacking is necessary to start the SSH daemon on the required port. (On the server side add an extra Port statement in the sshd_config file) .\".SH SEE ALSO .\".BR bar (1), .\".BR baz (1). .\".br .\"The programs are documented fully by .\".IR "The Rise and Fall of a Fooish Bar" , .\"available via the Info system. .SH AUTHOR This manual page was written by Loïc Le Guyader and updated by Julian Gilbey for the Debian GNU/Linux system (but may be used by others).