[sslh] Fw:
Michael Avanessian
mkanet at yahoo.com
Thu Oct 25 22:37:08 CEST 2012
I figured out the problem! It is SSLH standalone causing the problem!

The sslh command line below is able to pass HTTP (decapsulated by stunnel4)
traffic to port 80 successfully. However, the sslh command line FAILS to pass
SSH (decapsulated by stunnel4) to the SSH server.

sslh -p localhost:7777 --ssl localhost:80 --ssh localhost:22

stunnel4 simply decapsulates the SSL wrapper successfully and forwards all
traffic to sslh. SSLH can only handle incoming HTTP traffic. It can't accept
incoming SSH traffic for some reason. Does SSLH require an extra parameter?

I can prove this by changing stunnel to send SSH directly to SSH. It's fine that
way.

So, how can I get sslh to send SSH to port 22?

Thanks!

----- Forwarded Message ----
From: Michael Avanessian <mkanet at yahoo.com>
To: yves at naryves.com
Cc: sslh at rutschle.net
Sent: Thu, October 25, 2012 10:36:07 AM
Subject:

Since I am not able to get PuTTY to use proxytunnel, I thought I would try an
alternate method:

On client:
puttyssh-->stunnel-client-->proxytunnel -a (standalone mode)-------------------------->

proxytunnel -a 7000 -e -p localHTTPproxy:80 -P userID:password -d MYServerIP:443 -H "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; InfoPath.2; .NET CLR 1.1.4322; .NET CLR 3.0.30729; .NET CLR 3.5.30729; .NET4.0C; MS-RTC LM 8; .NET4.0E)\nHost: MYServerIP.com\nContent-Length: 0\nPragma: no-cache"

On Server:
Stunnel-server-->sslh-->SSHServer

Stunnel is able to establish the SSL connection. However, there is a problem
with handling the decapsulated SSH connection. Below is the stunnel server log.
Stunnel on the server forwards to SSLH on port 7777; sslh is then supposed to
forward SSH connections to port 22.

2012.10.25 10:15:32 LOG7[4100:9232]: Service [stunnel-sslh] accepted (FD=248) from 137.200.0.103:21424
2012.10.25 10:15:32 LOG7[4100:9232]: Creating a new thread
2012.10.25 10:15:32 LOG7[4100:9232]: New thread created
2012.10.25 10:15:32 LOG7[4100:10964]: Service [stunnel-sslh] started
2012.10.25 10:15:32 LOG5[4100:10964]: Service [stunnel-sslh] accepted connection from 137.200.0.103:21424
2012.10.25 10:15:32 LOG7[4100:10964]: SSL state (accept): before/accept initialization
2012.10.25 10:15:32 LOG7[4100:10964]: SSL state (accept): SSLv3 read client hello A
2012.10.25 10:15:32 LOG7[4100:10964]: SSL state (accept): SSLv3 write server hello A
2012.10.25 10:15:32 LOG7[4100:10964]: SSL state (accept): SSLv3 write certificate A
2012.10.25 10:15:32 LOG7[4100:10964]: SSL state (accept): SSLv3 write key exchange A
2012.10.25 10:15:32 LOG7[4100:10964]: SSL state (accept): SSLv3 write server done A
2012.10.25 10:15:32 LOG7[4100:10964]: SSL state (accept): SSLv3 flush data
2012.10.25 10:15:33 LOG7[4100:10964]: SSL state (accept): SSLv3 read client key exchange A
2012.10.25 10:15:33 LOG7[4100:10964]: SSL state (accept): SSLv3 read finished A
2012.10.25 10:15:33 LOG7[4100:10964]: SSL state (accept): SSLv3 write change cipher spec A
2012.10.25 10:15:33 LOG7[4100:10964]: SSL state (accept): SSLv3 write finished A
2012.10.25 10:15:33 LOG7[4100:10964]: SSL state (accept): SSLv3 flush data
2012.10.25 10:15:33 LOG7[4100:10964]: 6 items in the session cache
2012.10.25 10:15:33 LOG7[4100:10964]: 0 client connects (SSL_connect())
2012.10.25 10:15:33 LOG7[4100:10964]: 0 client connects that finished
2012.10.25 10:15:33 LOG7[4100:10964]: 0 client renegotiations requested
2012.10.25 10:15:33 LOG7[4100:10964]: 6 server connects (SSL_accept())
2012.10.25 10:15:33 LOG7[4100:10964]: 6 server connects that finished
2012.10.25 10:15:33 LOG7[4100:10964]: 0 server renegotiations requested
2012.10.25 10:15:33 LOG7[4100:10964]: 0 session cache hits
2012.10.25 10:15:33 LOG7[4100:10964]: 0 external session cache hits
2012.10.25 10:15:33 LOG7[4100:10964]: 0 session cache misses
2012.10.25 10:15:33 LOG7[4100:10964]: 0 session cache timeouts
2012.10.25 10:15:33 LOG6[4100:10964]: No peer certificate received
2012.10.25 10:15:33 LOG6[4100:10964]: SSL accepted: new session negotiated
2012.10.25 10:15:33 LOG6[4100:10964]: Negotiated TLSv1/SSLv3 ciphersuite: DHE-RSA-AES256-SHA (256-bit encryption)
2012.10.25 10:15:33 LOG6[4100:10964]: Compression: null, expansion: null
2012.10.25 10:15:33 LOG6[4100:10964]: connect_blocking: connecting 127.0.0.1:7777
2012.10.25 10:15:33 LOG7[4100:10964]: connect_blocking: s_poll_wait 127.0.0.1:7777: waiting 10 seconds
2012.10.25 10:15:33 LOG5[4100:10964]: connect_blocking: connected 127.0.0.1:7777
2012.10.25 10:15:33 LOG5[4100:10964]: Service [stunnel-sslh] connected remote server from 127.0.0.1:65475
2012.10.25 10:15:33 LOG7[4100:10964]: Remote socket (FD=468) initialized
2012.10.25 10:15:33 LOG7[4100:10964]: Socket closed on read
2012.10.25 10:15:33 LOG7[4100:10964]: Sending close_notify alert
2012.10.25 10:15:33 LOG7[4100:10964]: SSL alert (write): warning: close notify
2012.10.25 10:15:33 LOG6[4100:10964]: SSL_shutdown successfully sent close_notify alert
2012.10.25 10:15:33 LOG7[4100:10964]: SSL alert (read): warning: close notify
2012.10.25 10:15:33 LOG7[4100:10964]: SSL closed on SSL_read
2012.10.25 10:15:33 LOG7[4100:10964]: Sent socket write shutdown
2012.10.25 10:15:33 LOG5[4100:10964]: Connection closed: 505 byte(s) sent to SSL, 315 byte(s) sent to socket
2012.10.25 10:15:33 LOG7[4100:10964]: Remote socket (FD=468) closed
2012.10.25 10:15:33 LOG7[4100:10964]: Local socket (FD=248) closed
2012.10.25 10:15:33 LOG7[4100:10964]: Service [stunnel-sslh] finished (0 left)
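
Added example, not part of the original post: a short Python script that reduces a stunnel debug log like the one above to one summary per connection thread. It assumes wrapped log lines have been rejoined, and it reads "Socket closed on read" as end-of-stream from the plaintext side (here the connection to 127.0.0.1:7777), which is an interpretation of stunnel's server-mode logging rather than something stated in the post. The names `summarize`, `SAMPLE_LOG` and the dictionary keys are illustrative.

```python
import re

# Lines copied from the stunnel log in the post above, with wrapped lines rejoined.
SAMPLE_LOG = """\
2012.10.25 10:15:32 LOG5[4100:10964]: Service [stunnel-sslh] accepted connection from 137.200.0.103:21424
2012.10.25 10:15:33 LOG6[4100:10964]: Negotiated TLSv1/SSLv3 ciphersuite: DHE-RSA-AES256-SHA (256-bit encryption)
2012.10.25 10:15:33 LOG5[4100:10964]: connect_blocking: connected 127.0.0.1:7777
2012.10.25 10:15:33 LOG7[4100:10964]: Socket closed on read
2012.10.25 10:15:33 LOG7[4100:10964]: SSL closed on SSL_read
2012.10.25 10:15:33 LOG5[4100:10964]: Connection closed: 505 byte(s) sent to SSL, 315 byte(s) sent to socket
"""

# timestamp, level, [pid:thread], message; only thread id and message are kept.
LINE = re.compile(r"^\S+ \S+ LOG\d\[\d+:(\d+)\]: (.*)$")
FIELDS = {
    "client": re.compile(r"accepted connection from (\S+)"),
    "cipher": re.compile(r"ciphersuite: (\S+)"),
    "backend": re.compile(r"connect_blocking: connected (\S+)"),
}
# Assumed mapping: which side hit end-of-stream (see lead-in).
CLOSERS = {"Socket closed on read": "backend", "SSL closed on SSL_read": "client"}
BYTES = re.compile(r"Connection closed: (\d+) byte\(s\) sent to SSL, "
                   r"(\d+) byte\(s\) sent to socket")

def summarize(log_text):
    """Group stunnel debug lines by thread id; return {thread_id: summary}."""
    sessions = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # continuation of a wrapped line, or not a stunnel line
        tid, msg = m.groups()
        s = sessions.setdefault(tid, {"first_close": None})
        for key, pat in FIELDS.items():
            hit = pat.search(msg)
            if hit:
                s[key] = hit.group(1)
        # Record only the first side that reported end-of-stream.
        if s["first_close"] is None and msg in CLOSERS:
            s["first_close"] = CLOSERS[msg]
        b = BYTES.search(msg)
        if b:
            s["to_client"], s["to_backend"] = int(b.group(1)), int(b.group(2))
    return sessions

if __name__ == "__main__":
    for tid, s in summarize(SAMPLE_LOG).items():
        print(tid, s)
```

On the sample lines this reports the backend as the first side to close, with 315 bytes forwarded to it and 505 bytes returned to the client over SSL.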