by boomboomsubban 3292 days ago
There's nothing sophisticated about China's attack strategy on VPNs: make them illegal and block their IP. Sites like greatfire.org maintain lists of working ones, or running one on a VPS would be pretty easy.
4 comments

Check out the CCC talks for details on what the sibling comments talk about if you want. It's actually very interesting.
This is just false. China has a massive censorship operation, of which their very advanced anti-firewall technology is a critical piece.

Start here: http://blog.zorinaq.com/my-experience-with-the-great-firewal...

Maybe 15 years ago, but today it's very sophisticated, incorporating deep packet inspection and machine learning. Under normal circumstances, they allow some VPN traffic. But they ramp up the firewall during big political events, at which times it's almost impossible to gain proper connectivity.
But there's no "deep packet" inspection of an encrypted VPN or an SSH tunnel? Sure, you can guess that the connection is encrypted, and block it on general principle - but there's no way (that I know of) you could selectively block SSH based on the content/traffic pattern (you might let through low-throughput SSH only, i.e. only allow use that "looks like" shell use, but a) you could run w3m on the other end of that tunnel, and b) it sounds unlikely - as that would also kill many other uses like file transfer for backup etc).

I'm curious if SSH access to e.g. DigitalOcean is allowed?

If so, you can simply use SSH as a SOCKS5 proxy:

  ssh -D 8080 you@example.com
  # Set your browser to use 127.0.0.1:8080
  # as a socks5 proxy for dns lookup and
  # traffic, via eg foxyproxy for firefox
I'm not saying the GFW won't block this, but I'm doubtful it'll allow plain SSH and block this use case?
In my experience SSH works but tunneling over SSH does not. Not sure how they do that. Personally, when I am there I only miss Google for programming issues. It is terribly inefficient to use something else, IMHO.
The reason why tunneling over SSH doesn't work very well is because the network is crap. SSH runs on TCP, and TCP doesn't perform well when there's a lot of packet loss. Even for interactive logins it's frustrating without mosh.
One could also distinguish between "normal" SSH and SSH used as a tunnel by the bandwidth used.
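The bandwidth heuristic above, written out as an added example (not code from anyone in this thread): a small egress-monitoring classifier that labels SSH flows as interactive or bulk from per-flow byte and packet counters. The flow records, field names and thresholds are assumptions constructed for the example; a real deployment would take its counters from NetFlow/IPFIX or conntrack. It also shows the sibling comment's caveat directly: a short scp backup lands in the same "bulk" bucket as a long-lived tunnel, so bandwidth alone separates interactive shells from everything else, not tunnels from file transfers.

```python
from dataclasses import dataclass


@dataclass
class SshFlow:
    """One TCP/22 flow, as a collector would summarise it (fields assumed for this example)."""
    src: str
    dst: str
    duration_s: float
    bytes_client_to_server: int
    bytes_server_to_client: int
    packets: int


def total_bytes(flow: SshFlow) -> int:
    return flow.bytes_client_to_server + flow.bytes_server_to_client


def mean_packet_size(flow: SshFlow) -> float:
    """Interactive shells send many tiny keystroke/echo packets; bulk data fills the MSS."""
    return total_bytes(flow) / flow.packets


def throughput_kbps(flow: SshFlow) -> float:
    """Average throughput over the whole flow in kilobits per second."""
    return total_bytes(flow) * 8 / flow.duration_s / 1000


def classify(flow: SshFlow, bulk_kbps: float = 200.0, bulk_mean_packet_bytes: float = 400.0) -> str:
    """Label a flow 'interactive', 'bulk' or 'unknown'.

    Thresholds are illustrative. 'bulk' deliberately does not claim 'tunnel':
    scp, rsync backups and git pushes produce the same signature.
    """
    if flow.duration_s <= 0 or flow.packets == 0:
        return "unknown"  # a collector can emit zero-length records; do not divide by them
    if throughput_kbps(flow) >= bulk_kbps and mean_packet_size(flow) >= bulk_mean_packet_bytes:
        return "bulk"
    return "interactive"


def summarize(flows: list[SshFlow]) -> dict[str, list[str]]:
    """Group flow endpoints by label, the shape an alerting rule would consume."""
    out: dict[str, list[str]] = {"interactive": [], "bulk": [], "unknown": []}
    for f in flows:
        out[classify(f)].append(f"{f.src}->{f.dst}")
    return out


# Constructed sample flows; addresses and counters are made up for this example.
SAMPLE_FLOWS = [
    # 10 minutes of typing in a shell: ~900 small packets, well under 1 kbps.
    SshFlow("10.0.0.5", "203.0.113.10", 600.0, 12_000, 48_000, 900),
    # 30 minutes of browsing through `ssh -D`: sustained ~400 kbps, full-size packets.
    SshFlow("10.0.0.7", "203.0.113.10", 1800.0, 2_000_000, 90_000_000, 80_000),
    # A 30-second scp of a 5 MB backup: same "bulk" signature as the tunnel.
    SshFlow("10.0.0.9", "203.0.113.20", 30.0, 5_000_000, 200_000, 4_000),
    # Degenerate record with no duration, which the classifier must not crash on.
    SshFlow("10.0.0.11", "203.0.113.30", 0.0, 0, 0, 0),
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f"{f.src:>10} -> {f.dst:<14} {classify(f):<12} "
              f"{throughput_kbps(f) if f.duration_s else 0:>10.1f} kbps  "
              f"{mean_packet_size(f) if f.packets else 0:>7.1f} B/pkt")
    print(summarize(SAMPLE_FLOWS))
```

The two thresholds are the whole model: lowering `bulk_kbps` catches slower tunnels but starts flagging people pasting into editors, and no setting of either separates a tunnel from a backup, which is why this is a triage signal rather than a blocking rule.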
This has been blocked for ages.
You must be kidding. The Great Firewall of China is arguably one of the most sophisticated systems ever deployed on the Internet.

Try an IPsec- or PPTP-based VPN; they turn your encrypted communication into plain text. Then think about the scale: they do this on almost 1 billion users.