[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shell access behind a trasparent proxy http only

Hello Gerhard,

that's not true. If the (transparent) proxy do not accept the CONNECT-Method (as needed for https) but only the GET-Method you cannot ssh through it, never the less on which port it listens.

Best regards
Dominique Görsch

Am 22.08.2010 22:42, schrieb Gerhard Venter:
80 is just a port number like any other.
So if the server you need to connect to isn't a web server (fat chance I
guess), you could run an ssh daemon on port 80.
That would be very easy, and meet all your requirements but you can't do
it if the server is already running something on port 80

On 22 August 2010 01:11, Boris Pavlov <edi@elib.minfin.bg
<mailto:edi@elib.minfin.bg>> wrote:

    lemme ask you: 1) user 2) proxy 3) target sshd?
    if so:

    a) can you access the proxy directly as proxy server pointing
    address and port?

    b)ask (or try, see below) if it supports CONNECT. usually, if you
    can make httpS - yes;

    c)if yes - on which ports.

    bind sshd at the target on this port (for example 443); just make
    sure the port is unused, and add another line with another one Port
    command, like this:
    # What ports, IPs and protocols we listen for
    Port 22
    Port 443
    reload or restart sshd and :
    netstat -lnp|grep sshd
    tcp        0      0 <>* LISTEN      14379/sshd
    tcp        0      0 <>* LISTEN      14379/sshd

    use client which supports this (putty for example)

    PS tested, works with plain proxy (squid) and putty.
    PS/2 sorry for the yelling, but: IT IS MANAGEMENT PROBLEM. don't try
    too hard to solve management problems with technical solutions. if
    you succeed, it may become nasty management's habit. sorry for the
    poor english.

    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact
    listmaster@lists.debian.org <mailto:listmaster@lists.debian.org>
    Archive: 4C706B48.8050901@elib.minfin.bg">http://lists.debian.org/4C706B48.8050901@elib.minfin.bg

Reply to: