"Method Not Allowed" when CONNECTing to a proxied ssh host

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: "Method Not Allowed" when CONNECTing to a proxied ssh host
From: Clodoaldo Neto <clodoaldo.pinto.neto@xxxxxxxxx>
Date: Fri, 26 Aug 2011 10:06:14 -0300
Reply-to: users@xxxxxxxxxxxxxxxx
Reply-to: clodoaldo.pinto.neto@xxxxxxxxx

CONNECTing trough a proxy in a virtual host only works if it is the default virtual host.

"Method Not Allowed" when trying to CONNECT to a proxied ssh host:

$ telnet torno.example.com 80
Trying 1.2.3.4...
Connected to torno.example.com.
Escape character is '^]'.
CONNECT ssh.example.com:22 HTTP/1.1
Host: ssh.example.com

HTTP/1.1 405 Method Not Allowed
Date: Fri, 26 Aug 2011 12:34:24 GMT
Server: Apache/2.2.15 (CentOS)
Allow: GET,HEAD,POST,OPTIONS,TRACE
Content-Length: 352
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>405 Method Not Allowed</title>
</head><body>
<h1>Method Not Allowed</h1>
<p>The requested method CONNECT is not allowed for the URL /.</p>
<hr>
<address>Apache/2.2.15 (CentOS) Server at <a href="" href="mailto:admin@xxxxxxxxxxxxxx">admin@xxxxxxxxxxxxxx">ssh.example.com</a> Port 22</address>
</body></html>
Connection closed by foreign host.

If the virtual host config file is moved from torno.example.com.conf to aaa.torno.example.com.conf it works:

$ telnet torno.example.com 80
Trying 1.2.3.4...
Connected to torno.example.com.
Escape character is '^]'.
CONNECT ssh.example.com:22 HTTP/1.1
Host: ssh.example.com

HTTP/1.0 200 Connection Established
Proxy-agent: Apache/2.2.15 (CentOS)

SSH-2.0-OpenSSH_5.3

It seems like the problem is that the connection is using the HTTP 1.0 protocol in instead of the 1.1 protocol which can handle the Host: Header.

This is the virtual host config:

<VirtualHost *:80>

     ServerAdmin admin@xxxxxxxxxxx
     ServerName torno.example.com
     ServerSignature Off

     HostnameLookups Off
     LogLevel Warn
     ErrorLog logs/torno.example.com-error_log
     CustomLog logs/torno.example.com-access_log combined

     ProxyRequests On
     AllowConnect 22

     <Proxy *>
         Order deny,allow
         Deny from all
     </Proxy>
     <Proxy ssh.example.com>
         Order deny,allow
         Allow from all
     </Proxy>

     ProxyPass / http://www.ibm.com/
     ProxyPassReverse / http://www.ibm.com/
     <Proxy http://www.ibm.com/>
         Order deny,allow
         Allow from all
     </Proxy>

</VirtualHost>

Regards, Clodoaldo Pinto Neto

Prev by Date: Re: Encode problem
Next by Date: logging from custom module ubuntu apache
Previous by thread: Logging Error
Next by thread: logging from custom module ubuntu apache
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]