Re: It would be nice if OpenSSH would have features to circumvent network filters, like SSL tunneling


 



Here is how I solved this problem:

1. I've built proxytunnel on Windows in Cygwin

2. proxytunnel failed due to an apparent bug with the SSL_set_tlsext_host_name invocation, so it had to be commented out, after which proxytunnel worked

3. I've configured proxytunnel in c:\Users\{user_name}\.ssh\config according to instructions in the GitHub README (ssl had to be enabled, SSL key check had to be disabled)

4. I've added the http_proxy_connect option to the FreeBSD port www/nginx that adds the ngx_http_proxy_connect third-party nginx module, and installed the package with this option enabled

5. I've configured http_proxy_connect according to its GitHub README, generated self-signed ssl keys, etc.

6. I added another, un-obvious port that the ssh server listens on, for this purpose.


After this ssh works through the https tunnel.


There are a lot of steps. I think that this makes this method inaccessible to most regular users so they would really be locked out of ssh due to the middlebox filtering.


Hopefully these instructions will help someone.



Best,

Yuri

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


