7

Situation: I want to tunnel SSH sessions through HTTPS. I have a very restrictive firewall/proxy which only allows HTTP, FTP and HTTPS traffic.

What works: Setting up a tunnel through the proxy to a remote linux box that has a sshd listening at port 443

The problem: I have to have a web server (lighty) running at port 443. HTTPS traffic to other ports is forbidden by the proxy.

Ideas so far: Set up a virtual host and proxy all incoming requests to localhost: (e.g. 22)

$HTTP["host"] == "tunnel.mylinux.box" { proxy.server = ( "" => (("host" => "127.0.0.1", "port" => 22)) ) }

Unfortunately this won't work. Am i doing something wrong, or is there a reason, that this won't work?

Improve this question

2 Answers 2

Reset to default
5

You can do the trick using some Perl:

sslh - Switch incoming connection between SSH and SSL/HTTPS servers

Improve this answer
1
  • nice. i'll try that one! Commented Mar 30, 2010 at 9:19
5

You might want to look into the C implementation of sslh.

From the website:

sslh lets one accept both HTTPS and SSH connections on the same port. It makes it possible to connect to an SSH server on port 443 (e.g. from inside a corporate firewall) while still serving HTTPS on that port. This feature has already been implemented as a Perl script.

There are two problems with sslh:
- It's in Perl. That means it's pretty RAM hungry, and probably not very fast.
- It doesn't manage privilege dropping, which is rather questionnable.

The obvious solution to both problems was to re-implement it in C, which is what this program is about.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.