Home / server / Questions / 127577
Accepted
lajuette
Asked: 2010-03-30 23:28:58 +0800 CST

Running multiple services on Port 443, Tunnel SSH over HTTPS

  • 772

Situation: I want to tunnel SSH sessions through HTTPS. I have a very restrictive firewall/proxy which only allows HTTP, FTP and HTTPS traffic.

What works: Setting up a tunnel through the proxy to a remote linux box that has a sshd listening at port 443

The problem: I have to have a web server (lighty) running at port 443. HTTPS traffic to other ports is forbidden by the proxy.

Ideas so far: Set up a virtual host and proxy all incoming requests to localhost: (e.g. 22)

$HTTP["host"] == "tunnel.mylinux.box" {                                         
    proxy.server = (                                                            
        "" => (("host" => "127.0.0.1", "port" => 22))                           
    )                                                                           
}

Unfortunately this won't work. Am i doing something wrong, or is there a reason, that this won't work?

firewall ssh-tunnel lighttpd https

2 Answers

  1. Best Answer
    • 5

  2. You might want to look into the C implementation of sslh.

    From the website:

    sslh lets one accept both HTTPS and SSH connections on the same port. It makes it possible to connect to an SSH server on port 443 (e.g. from inside a corporate firewall) while still serving HTTPS on that port. This feature has already been implemented as a Perl script.

    There are two problems with sslh:
    - It's in Perl. That means it's pretty RAM hungry, and probably not very fast.
    - It doesn't manage privilege dropping, which is rather questionnable.

    The obvious solution to both problems was to re-implement it in C, which is what this program is about.

    • 5