Can transparent HTTP proxies read encrypted data?
e.g. proxied https or ssh sessions
The way you would know that this is happening is you would get certificate errors or the fingerprint would not match on the SSH session. Because they cannot actually break the encryption and spoof the authentic certificate.
Places where this generally happens are environments where they can be completely controlled. Such as a corporate Network where they have their own internal certificate authority which is already distributed down to all of the clients on their Network. This way they're proxy can take traffic from your bank for example decrypt it and then reissue a certificate and encrypt it with their internal certificate authority and your browser generally won't throw an SSL error because there's certificate is validated through a chain of trust. because this is a real thing that happens there are other methods that some websites employ so that certificate validation can be double checked through an embedded value in the web page. This kind of gives you the extra alert that this kind of man in the middle is happening. Because let's face it not everyone notices the little green bar or the lock icon and for the most part we've been trained that if you see the lock icon it's secure. But just because the Lockheed icon is there does not mean you have ended to end a security in all situations.
With SSH interceptions because they generally don't rely on a chain of trust like TLS certificates I don't know that they have a way of spoofing the fingerprint because that fingerprint is from the search on the other side and so if you know what the fingerprint is you will know when it's been changed. But if you're like a lot of people sometimes you just click through that warning.