A script to set SSH proxy based on network location

Apr 19, '07 10:12:00PM

Contributed by: Anonymous

The following script will let you use, or not use, an SSH proxy depending on your machine's location. What you need to make it all work:

Here's how things work, in a nutshell. If you have a proxy configured, then the script will find the hostname and port of the proxy for the given protocol (look for the ****Proxy that you want by doing scutil --proxy -- it's a regex, so it must match the case). Then it will find the username and password for that proxy in your keychain and store them in environment variables that connect.c will understand.

If you don't have a proxy configured, the script will see that there's no proxy and just use netcat to simulate connect.c, and you can go about your SSH as normal. To use it, I have this line...
ProxyCommand /Users/me/bin/mac_proxy.sh -P HTTPS -H %h -p %p
...at the top of ~/.ssh/config -- this means that every SSH connection is automatically proxied when my network "Location" is 'Work,' but not when I'm at 'Home.' Assuming you're using SSH key authentication, you should be able to get to the remote machine without ever entering a single password and still be secure; even with an authenticating proxy between you and the remote machine. Hope this helps somebody.

[robg adds: I haven't tested this one.]

Comments (1)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20070416221216416