Re: SNI-like routing

Hi Carl.

On 21.09.22 22:59, Carl Karsten wrote:
> The goal is to host 4 or 5 websites for friends. All low traffic, so a
> single box should be fine. 16 cores, 32g ram, 1 nic, 1 public IP.
> hostname: prox
>
> Each site gets a VM, created manually (they all get debian), add
> friends' ssh keys and let them ssh in and do whatever they want in
> their vm, and be able to ansible over ssh like ansible does.
>
> hostnames vm1, vm2... friends all manage their own domain name
> register / dns, point their www's at my IP.
>
> I would like to keep ports all standard: 22 for ssh, 80/443 for
> http/s, etc. and route to the VM based on hostname.
>
> ssh user@prox gets the host, ssh user@vm1 gets vm1. curl http://vm1 gets vm1.
>
> There are lots of ways to do this, I'm trying to work out a config
> that makes it easy on their end.
>
> Telling them all to use ProxyJump isn't out of the question, but I'm
> hoping there are other options.
>
> I don't mind a separate solution for ssh and http. Like for http I
> can run an nginx on the public IP with
>
>   server_name vm1;
>   location / { proxy_pass http://10.0.0.1; }

Another option could be to use `openssl s_client ...` with the `ProxyCommand`.

```
ssh -o ProxyCommand="openssl s_client -quiet -connect 172.16.0.10:2222 -servername 192.168.0.201" dummyName1
```

Some more good examples can be found in this blog post with routing examples via HAProxy.
https://www.haproxy.com/blog/route-ssh-connections-with-haproxy/

Hth
Alex
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


