Hi!
Octopus documentation (https://octopus.com/docs/installation/installing-tentacles/proxy-support) states that SSH Target proxies are configured the same way as Listening Tentacles are. Please, help me understand, what is a HTTP→SSH proxy? How do you translate HTTP requests into SSH commands? Could you provide an example of squid or other well-known proxy software configuration?
We are using a simple SSH gateway host to access our production environment. So we just log into this gateway host via SSH, and then we can access any production host via SSH from it. Is it possible to configure Octopus this way?
Hi,
We are really sorry that our documentation is not clear enough on this subject.
I will try to clarify some of those terms.
help me understand, what is a HTTP→SSH proxy?
What this really means is that first you need to create a new http proxy, see https://octopus.com/docs/installation/installing-tentacles/proxy-support#ProxySupport-ListeningTentacles so in your scenario you would enter the squid proxy details.
Then you add a SSH Connection, see https://octopus.com/docs/deployment-targets/ssh-targets/configuring-ssh-connection and in the “manual settings” (https://octopus.com/docs/deployment-targets/ssh-targets/configuring-ssh-connection#ConfiguringSSHConnection-Configuration) the last option is to tick “use a proxy”, and then you select the previously created proxy.
I hope this makes more sense?
Regards
John
Hi, John!
Thanks for your reply, but this is not exactly the answer I was looking for. I do understand how to fill in a form in Octopus UI with the details of an existing HTTP proxy server. Documentation is clear on this matter.
What I don’t understand is how to set up a HTTP→SSH proxy in the first place. Can you point me to a page in squid documentation?
Oh yes, this is it. I was looking for this explanation:
By default, the proxy establishes a TCP connection to the specified server, responds with an HTTP 200 (Connection Established) response, and then shovels packets back and forth between the client and the server, without understanding or interpreting the tunnelled traffic.
Thanks!