Using Corkscrew Tunnel SSH over HTTP

China National Network Firewall (GFW) shielding part free SSL certificate (e.g StartSSL) from Jun 20, 2015 and my blog has been blocked now in some place of China. It seems like shielded by detecting the secondary field of SSL certificate. For example in StartSSL certificate: CN = StartCom Class 1 Primary Intermediate Server CA. I can't visit my site via SSL connection and can't connect my server. So I find tools help me establish a HTTP proxy for SSH.


Corkscrew is a tool for tunneling SSH through HTTP proxies.

Install Corkscrew via Homebrew

$ brew install corkscrew

Modify /etc/ssh/ssh_config or ~/.ssh/config file, and add following code in it

Host *
    ProxyCommand /usr/local/bin/corkscrew [host] [port] %h %p

Replace [host] and [port] with your HTTP proxy server and set file permission to 644 as plain text. If HTTP proxy have a authority, we should also save username and passcode to a file (~/.ssh/proxyauth) and tell corkscrew to use it.

Format of authority file


Modify /etc/ssh/ssh_config file like this:

Host *
    ProxyCommand /usr/local/bin/corkscrew [host] [port] %h %p ~/.ssh/proxyauth
0.00 avg. rating (0% score) - 0 votes