"Method Not Allowed" when CONNECTing to a proxied ssh host
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CONNECTing trough a proxy in a virtual host only works if it is the default virtual host.
"Method Not Allowed" when trying to CONNECT to a proxied ssh host:
$ telnet torno.example.com 80
Trying 1.2.3.4...
Connected to torno.example.com.
Escape character is '^]'.
CONNECT ssh.example.com:22 HTTP/1.1
Host: ssh.example.com
HTTP/1.1 405 Method Not Allowed
Date: Fri, 26 Aug 2011 12:34:24 GMT
Server: Apache/2.2.15 (CentOS)
Allow: GET,HEAD,POST,OPTIONS,TRACE
Content-Length: 352
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>405 Method Not Allowed</title>
</head><body>
<h1>Method Not Allowed</h1>
<p>The requested method CONNECT is not allowed for the URL /.</p>
<hr>
<address>Apache/2.2.15 (CentOS) Server at <a href="" href="mailto:admin@xxxxxxxxxxxxxx">admin@xxxxxxxxxxxxxx">ssh.example.com</a> Port 22</address>
</body></html>
Connection closed by foreign host.
If the virtual host config file is moved from torno.example.com.conf to aaa.torno.example.com.conf it works:
$ telnet torno.example.com 80
Trying 1.2.3.4...
Connected to torno.example.com.
Escape character is '^]'.
CONNECT ssh.example.com:22 HTTP/1.1
Host: ssh.example.com
HTTP/1.0 200 Connection Established
Proxy-agent: Apache/2.2.15 (CentOS)
SSH-2.0-OpenSSH_5.3
It seems like the problem is that the connection is using the HTTP 1.0 protocol in instead of the 1.1 protocol which can handle the Host: Header.
This is the virtual host config:
<VirtualHost *:80>
ServerAdmin admin@xxxxxxxxxxx
ServerName torno.example.com
ServerSignature Off
HostnameLookups Off
LogLevel Warn
ErrorLog logs/torno.example.com-error_log
CustomLog logs/torno.example.com-access_log combined
ProxyRequests On
AllowConnect 22
<Proxy *>
Order deny,allow
Deny from all
</Proxy>
<Proxy ssh.example.com>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://www.ibm.com/
ProxyPassReverse / http://www.ibm.com/
<Proxy http://www.ibm.com/>
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>
Regards, Clodoaldo Pinto Neto
[Index of Archives]
[Open SSH Users]
[Linux ACPI]
[Linux Kernel]
[Linux Laptop]
[Kernel Newbies]
[Security]
[Netfilter]
[Bugtraq]
[Squid]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Samba]
[Video 4 Linux]
[Device Mapper]