From 1c7cee6a5cc09e7f2f230be76c1f6fd87951307b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=B8ren=20L=2E=20Hansen?= <sorenisanerd@gmail.com>
Date: Tue, 3 Oct 2023 21:11:56 +0200
Subject: [PATCH 1/2] Document support for ssh over SOCKS5

Fixes #17754, surprisingly.

`golang.org/x/net/proxy.FromURL` (which Terraform uses to add support for HTTP and HTTPS) supports socks5 out of the box:

https://cs.opensource.google/go/x/net/+/refs/tags/v0.15.0:proxy/proxy.go;l=91
---
 website/docs/language/resources/provisioners/connection.mdx | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/website/docs/language/resources/provisioners/connection.mdx b/website/docs/language/resources/provisioners/connection.mdx
index b4b51dc543..e1342ad018 100644
--- a/website/docs/language/resources/provisioners/connection.mdx
+++ b/website/docs/language/resources/provisioners/connection.mdx
@@ -113,13 +113,13 @@ indirectly with a [bastion host](https://en.wikipedia.org/wiki/Bastion_host).
 | `bastion_private_key` | The contents of an SSH key file to use for the bastion host. These can be loaded from a file on disk using [the `file` function](/terraform/language/functions/file). | The value of the `private_key` field. |
 | `bastion_certificate` |  The contents of a signed CA Certificate. The certificate argument must be used in conjunction with a `bastion_private_key`. These can be loaded from a file on disk using the [the `file` function](/terraform/language/functions/file). |
 
-## Connection through a HTTP Proxy with SSH
+## Connection through a HTTP/SOCKS5 Proxy with SSH
 
-The `ssh` connection also supports the following fields to facilitate connections by SSH over HTTP proxy.
+The `ssh` connection also supports the following fields to facilitate connections by SSH over HTTP or SOCKS5 proxy.
 
 | Argument | Description | Default |
 |---------------|-------------|---------|
-| `proxy_scheme` | http or https | |
+| `proxy_scheme` | http, https, socks5 | |
 | `proxy_host` | Setting this enables the SSH over HTTP connection. This host will be connected to first, and then the `host` or `bastion_host` connection will be made from there. | |
 | `proxy_port` | The port to use connect to the proxy host. | |
 | `proxy_user_name` | The username to use connect to the private proxy host. This argument should be specified only if authentication is required for the HTTP Proxy server. | |

From 80f748f6f62509ed893a809c64b169c51c4af135 Mon Sep 17 00:00:00 2001
From: "Soren L. Hansen" <sorenisanerd@gmail.com>
Date: Tue, 27 Feb 2024 12:56:25 +0100
Subject: [PATCH 2/2] Apply suggestions from code review

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
---
 website/docs/language/resources/provisioners/connection.mdx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/website/docs/language/resources/provisioners/connection.mdx b/website/docs/language/resources/provisioners/connection.mdx
index e1342ad018..de41192791 100644
--- a/website/docs/language/resources/provisioners/connection.mdx
+++ b/website/docs/language/resources/provisioners/connection.mdx
@@ -113,13 +113,13 @@ indirectly with a [bastion host](https://en.wikipedia.org/wiki/Bastion_host).
 | `bastion_private_key` | The contents of an SSH key file to use for the bastion host. These can be loaded from a file on disk using [the `file` function](/terraform/language/functions/file). | The value of the `private_key` field. |
 | `bastion_certificate` |  The contents of a signed CA Certificate. The certificate argument must be used in conjunction with a `bastion_private_key`. These can be loaded from a file on disk using the [the `file` function](/terraform/language/functions/file). |
 
-## Connection through a HTTP/SOCKS5 Proxy with SSH
+## Connection through HTTP and SOCKS5 proxies with SSH
 
 The `ssh` connection also supports the following fields to facilitate connections by SSH over HTTP or SOCKS5 proxy.
 
 | Argument | Description | Default |
 |---------------|-------------|---------|
-| `proxy_scheme` | http, https, socks5 | |
+| `proxy_scheme` | You can specify one of the following values: `http`, `https`, `socks5` | |
 | `proxy_host` | Setting this enables the SSH over HTTP connection. This host will be connected to first, and then the `host` or `bastion_host` connection will be made from there. | |
 | `proxy_port` | The port to use connect to the proxy host. | |
 | `proxy_user_name` | The username to use connect to the private proxy host. This argument should be specified only if authentication is required for the HTTP Proxy server. | |