How to allow SSH when the network is blocked on all ports except HTTP and HTTPS?
I'm curious to know how I can create a SSH tunnel which allows me to SSH via 443 and will work even after the server is rebooted?
I'm trying to use Laravel Forge to configure the server. However if the SSH ports are blocked, Laravel forge will not work. Hence, I'm trying to find a way to allow SSH for Laravel Forge via a tunneling agent.
Well if port 443 is used by the webserver you cannot reuse it for something else (actually there are ways to do such things) What I would suggest is to have the server create an outbound SSH connection to another box, quite likely that the firewall policy will allow this.
Do something like this:
ssh -L 2222:localhost:22 some.other.server (Perhaps even make it persistent using a service. https://gist.github.com/drmalex07/c0f9304deea566842490)
Then login to some.other.server and do this:
ssh -p 2222 webserveruser@localhost Or let your automation connect to this port.
To take it one step further you could use the jump option to hop directly through the intermediate server. Your .ssh/config could look something like this.
Host intermediate.server HostName intermediate.server User someuser IdentityFile ~/.ssh/id_rsa Host webserver HostName localhost User someuser Port 2222 IdentityFile ~/.ssh/id_rsa ProxyJump intermediate.server effectively allowing you to do this:
ssh webserver Gotta love ssh!
