How to create an SSH tunneling agent via HTTPS?

How to allow SSH when the network is blocked on all ports except HTTP and HTTPS?

I'm curious to know how I can create a SSH tunnel which allows me to SSH via 443 and will work even after the server is rebooted?

I'm trying to use Laravel Forge to configure the server. However if the SSH ports are blocked, Laravel forge will not work. Hence, I'm trying to find a way to allow SSH for Laravel Forge via a tunneling agent.

Well if port 443 is used by the webserver you cannot reuse it for something else (actually there are ways to do such things) What I would suggest is to have the server create an outbound SSH connection to another box, quite likely that the firewall policy will allow this.

Do something like this:

ssh -L 2222:localhost:22 some.other.server

(Perhaps even make it persistent using a service. https://gist.github.com/drmalex07/c0f9304deea566842490)

Then login to some.other.server and do this:

ssh -p 2222 webserveruser@localhost

Or let your automation connect to this port.

To take it one step further you could use the jump option to hop directly through the intermediate server. Your .ssh/config could look something like this.

Host intermediate.server
  HostName intermediate.server
  User someuser
  IdentityFile ~/.ssh/id_rsa


Host webserver
  HostName localhost
  User someuser
  Port 2222
  IdentityFile ~/.ssh/id_rsa
  ProxyJump intermediate.server

effectively allowing you to do this:

ssh webserver

Gotta love ssh!