Workaround: Mac OS X High Sierra 10.13.2 – SSH tries to connect via HTTP proxy

With Mac OS X release 10.13.2 Apple introduced a new bug where OpenSSH will attempt to use any web proxy configured from a DAC file.

As SSH is not HTTP this will typically not work, resulting in connection timeouts or other connection errors.

You are likely to encounter this problem if you are using a VPN solution such as Cisco AnyConnect with a web proxy in the group policy.

Thankfully, netcat (nc) is not affected by the bug, so until Apple comes with a fix you can work around the issue by telling SSH to use netcat as a proxy channel.

This alias will take care of it:

alias ssh="ssh -o ProxyCommand=\"nc %h %p\""

Alternatively you can add the option to your ssh config file, for a more permanent effect:

echo "ProxyCommand nc %h %p" >> ~/.ssh/config

 

 

This entry was posted in Mac OS X and tagged , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>